• IP addresses are NOT logged in this forum so there's no point asking. Please note that this forum is full of homophobes, racists, lunatics, schizophrenics & absolute nut jobs with a smattering of geniuses, Chinese chauvinists, Moderate Muslims and last but not least a couple of "know-it-alls" constantly sprouting their dubious wisdom. If you believe that content generated by unsavory characters might cause you offense PLEASE LEAVE NOW! Sammyboy Admin and Staff are not responsible for your hurt feelings should you choose to read any of the content here.

    The OTHER forum is HERE so please stop asking.

Serious Top Secret Report Given To Good Minister Iswaran! Guess Who Hacked SingHealth?

JohnTan

JohnTan

Alfrescian (InfP)
Generous Asset
SINGAPORE - A report providing a thorough account of events that led to the cyber attack on SingHealth's patient database has been submitted to Minister-in-charge of Cyber Security S. Iswaran.

The report, which is classified top secret, sums up and assesses the evidence collected over 22 days of mostly public hearings from 37 witnesses, and offers recommendations on ways to secure huge databases to avoid a similar incident.

In a letter to Mr Iswaran on Monday (Dec 31), the four-member Committee of Inquiry (COI) appointed to look into the incident said: "This report contains sensitive information, and is hence classified 'Top Secret'."

"The contents of the report are the unanimous view of all members of the Committee," it added.

The full report on the attack, which is believed to be state-sponsored and the act of sophisticated hackers, is not being published for national security reasons.

However, the COI will release a public version of the report, including all its recommendations, by Jan 10, said a Ministry of Communications and Information spokesman. It will be accessible at http://mci.gov.sg/coireport.

Mr Iswaran, who is Minister for Communications and Information, and Minister for Health Gan Kim Yong, are expected to respond to the report in Parliament when the House sits in January.

In a letter thanking the COI for its report, Mr Iswaran said the panel has examined in great detail the responses to the incident and submitted a comprehensive set of recommendations to better manage and secure the IT systems of SingHealth, as well as those of other public healthcare clusters and the public sector, against similar attacks.

"The COI report is the result of an extensive fact-finding process and a rigorous inquiry over the past five months... Many more weeks were spent deliberating and finalising the report," he said.

"The Government takes cyber security with utmost seriousness," Mr Iswaran added.

"We will learn from this incident and take measures to further strengthen our public sector IT systems and uphold the trust of Singaporeans."

The high-level COI, chaired by retired senior judge Richard Magnus and comprising Mr Lee Fook Sun, Mr T. K. Udairam and Ms Cham Hui Fong, was appointed on July 24 this year to shed light on what led to the cyber attack on public health cluster SingHealth, which was Singapore's worst data breach.

In June, hackers stole the personal data of 1.5 million SingHealth patients and the outpatient prescription information of 160,000 people, including Prime Minister Lee Hsien Loong.

In his closing remarks on the last day of the COI hearings on Nov 30, Mr Magnus said that organisations must assume that they are already under cyber attack by proactively identifying and mitigating breaches.

Solicitor-General Kwek Mean Luck from the Attorney-General's Chambers, which led the evidence for the COI, had also spoken about the importance of organisational culture. He emphasised that cyber defence is everyone's job and not just that of the IT department. Mr Kwek also outlined 16 recommendations, including improving staff's cyber security awareness and performing enhanced checks.

Organisational culture became a key focus, as people are at the heart of all processes and systems. People click on links in e-mails, and people interpret data such as unusual traffic trying to access a database.

During the COI hearings, one issue that came under scrutiny was how staff at the Integrated Health Information Systems (IHiS), Singapore's central IT agency for the healthcare sector, reacted to suspicious network activities.

The COI heard that hackers first intruded into SingHealth's network in August 2017 after a user from the Singapore General Hospital fell prey to a phishing attack. The COI also heard that a middle manager of cyber security at IHiS, Mr Ernest Tan, was alerted to suspicious network activities as early as June 13 by his subordinate, system engineer Benjamin Lee.

But Mr Tan did not report them to higher management even after Mr Lee repeatedly said that the network was under attack. Mr Tan said he did not realise the severity of the incidents though he was told that attempts had been made to access 100,000 patient records.

Intrusions into SingHealth's electronic medical records system - billed as the crown jewels of its network - began on June 27 but were discovered only on July 4 and terminated that day by a junior staff member, IHiS database administrator Katherine Tan.

https://www.straitstimes.com/singap...itted-to-minister-in-charge-of-cyber-security
 
grandtour

grandtour

Alfrescian
Loyal
JohnTan said:
SINGAPORE - A report providing a thorough account of events that led to the cyber attack on SingHealth's patient database has been submitted to Minister-in-charge of Cyber Security S. Iswaran.

The report, which is classified top secret, sums up and assesses the evidence collected over 22 days of mostly public hearings from 37 witnesses, and offers recommendations on ways to secure huge databases to avoid a similar incident.

In a letter to Mr Iswaran on Monday (Dec 31), the four-member Committee of Inquiry (COI) appointed to look into the incident said: "This report contains sensitive information, and is hence classified 'Top Secret'."

"The contents of the report are the unanimous view of all members of the Committee," it added.

The full report on the attack, which is believed to be state-sponsored and the act of sophisticated hackers, is not being published for national security reasons.

However, the COI will release a public version of the report, including all its recommendations, by Jan 10, said a Ministry of Communications and Information spokesman. It will be accessible at http://mci.gov.sg/coireport.

Mr Iswaran, who is Minister for Communications and Information, and Minister for Health Gan Kim Yong, are expected to respond to the report in Parliament when the House sits in January.

In a letter thanking the COI for its report, Mr Iswaran said the panel has examined in great detail the responses to the incident and submitted a comprehensive set of recommendations to better manage and secure the IT systems of SingHealth, as well as those of other public healthcare clusters and the public sector, against similar attacks.

"The COI report is the result of an extensive fact-finding process and a rigorous inquiry over the past five months... Many more weeks were spent deliberating and finalising the report," he said.

"The Government takes cyber security with utmost seriousness," Mr Iswaran added.

"We will learn from this incident and take measures to further strengthen our public sector IT systems and uphold the trust of Singaporeans."

The high-level COI, chaired by retired senior judge Richard Magnus and comprising Mr Lee Fook Sun, Mr T. K. Udairam and Ms Cham Hui Fong, was appointed on July 24 this year to shed light on what led to the cyber attack on public health cluster SingHealth, which was Singapore's worst data breach.

In June, hackers stole the personal data of 1.5 million SingHealth patients and the outpatient prescription information of 160,000 people, including Prime Minister Lee Hsien Loong.

In his closing remarks on the last day of the COI hearings on Nov 30, Mr Magnus said that organisations must assume that they are already under cyber attack by proactively identifying and mitigating breaches.

Solicitor-General Kwek Mean Luck from the Attorney-General's Chambers, which led the evidence for the COI, had also spoken about the importance of organisational culture. He emphasised that cyber defence is everyone's job and not just that of the IT department. Mr Kwek also outlined 16 recommendations, including improving staff's cyber security awareness and performing enhanced checks.

Organisational culture became a key focus, as people are at the heart of all processes and systems. People click on links in e-mails, and people interpret data such as unusual traffic trying to access a database.

During the COI hearings, one issue that came under scrutiny was how staff at the Integrated Health Information Systems (IHiS), Singapore's central IT agency for the healthcare sector, reacted to suspicious network activities.

The COI heard that hackers first intruded into SingHealth's network in August 2017 after a user from the Singapore General Hospital fell prey to a phishing attack. The COI also heard that a middle manager of cyber security at IHiS, Mr Ernest Tan, was alerted to suspicious network activities as early as June 13 by his subordinate, system engineer Benjamin Lee.

But Mr Tan did not report them to higher management even after Mr Lee repeatedly said that the network was under attack. Mr Tan said he did not realise the severity of the incidents though he was told that attempts had been made to access 100,000 patient records.

Intrusions into SingHealth's electronic medical records system - billed as the crown jewels of its network - began on June 27 but were discovered only on July 4 and terminated that day by a junior staff member, IHiS database administrator Katherine Tan.

https://www.straitstimes.com/singap...itted-to-minister-in-charge-of-cyber-security
Click to expand...


If you believe former Top CIA NSA Whistle Blower Edward Snowden,
USA runs the Largest Hacking Network in the world.

American Hackers are the Best & Brightest Hackers on Earth
Who can deliberately leave Fake Footprints behind.

You will never truly know who hacked you...



https://www.dailymail.co.uk/news/ar...s-CIA-disguised-hacking-Russian-activity.html
Latest WikiLeaks release shows how the CIA uses computer code to hide the origins of its hacking attacks and 'disguise them as Russian or Chinese activity'
  • WikiLeaks published 676 source code files today which it claimed are from CIA
  • It says the CIA disguised its own hacking attacks to make it appear those responsible were Russian, Chinese, Iranian or North Korean
By Mail Online Reporter
Published: 12:02, 31 March 2017 | Updated: 19:17, 31 March 2017


WikiLeaks has published hundreds more files today which it claims show the CIA went to great lengths to disguise its own hacking attacks and point the finger at Russia, China, North Korea and Iran.

The 676 files released today are part of WikiLeaks' Vault 7 tranche of files and they claim to give an insight into the CIA's Marble software, which can forensically disguise viruses, trojans and hacking attacks.

WikiLeaks says the source code suggests Marble has test examples in Chinese, Russian, Korean, Arabic and Farsi (the Iranian language).

3DD1062200000578-4289942-image-a-1_1488897285235.jpg

WikiLeaks, founded by Julian Assange (pictured), claims its Vault 7 files come from the CIA's Center for Cyber Intelligence


It says: 'This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese.'

This could lead forensic investigators into wrongly concluding that CIA hacks were carried out by the Kremlin, the Chinese government, Iran, North Korea or Arabic-speaking terror groups such as ISIS.

WikiLeaks, whose founder Julian Assange remains holed up in the Ecuadorean Embassy in London, said Vault 7 was the most comprehensive release of US spying files ever made public.

Earlier this month WikiLeaks published thousands of documents claiming to reveal top CIA hacking secrets, including the agency's ability to infiltrate encrypted apps, break into smart TVs and phones and program self-driving cars.

It also claims the CIA can bypass the encryption of Whatsapp, Signal, Telegram, Wiebo, Confide and Cloakman by hacking the smart phones the applications run on.

The CIA was also looking at hacking the vehicle control systems used in modern cars and trucks, WikiLeaks claims.

Wikileaks said the release of confidential documents on the agency already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks.

Experts who've started to sift through the material said it appeared legitimate - and that the release was almost certain to shake the CIA.
 
W

winnipegjets

Alfrescian (Inf)
Asset
The report, which is classified top secret, sums up and assesses the evidence collected over 22 days of mostly public hearings from 37 witnesses, and offers recommendations on ways to secure huge databases to avoid a similar incident.

Evidence is from public hearing ....and report becomes top secret. Why? Because the findings embarrass the PAP government ...that's why it has to be top secret.
 
W

winnipegjets

Alfrescian (Inf)
Asset
grandtour said:
If you believe former Top CIA NSA Whistle Blower Edward Snowden,
USA runs the Largest Hacking Network in the world.

American Hackers are the Best & Brightest Hackers on Earth
Who can deliberately leave Fake Footprints behind.

You will never truly know who hacked you...



https://www.dailymail.co.uk/news/ar...s-CIA-disguised-hacking-Russian-activity.html
Latest WikiLeaks release shows how the CIA uses computer code to hide the origins of its hacking attacks and 'disguise them as Russian or Chinese activity'
  • WikiLeaks published 676 source code files today which it claimed are from CIA
  • It says the CIA disguised its own hacking attacks to make it appear those responsible were Russian, Chinese, Iranian or North Korean
By Mail Online Reporter
Published: 12:02, 31 March 2017 | Updated: 19:17, 31 March 2017


WikiLeaks has published hundreds more files today which it claims show the CIA went to great lengths to disguise its own hacking attacks and point the finger at Russia, China, North Korea and Iran.

The 676 files released today are part of WikiLeaks' Vault 7 tranche of files and they claim to give an insight into the CIA's Marble software, which can forensically disguise viruses, trojans and hacking attacks.

WikiLeaks says the source code suggests Marble has test examples in Chinese, Russian, Korean, Arabic and Farsi (the Iranian language).

3DD1062200000578-4289942-image-a-1_1488897285235.jpg

WikiLeaks, founded by Julian Assange (pictured), claims its Vault 7 files come from the CIA's Center for Cyber Intelligence


It says: 'This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese.'

This could lead forensic investigators into wrongly concluding that CIA hacks were carried out by the Kremlin, the Chinese government, Iran, North Korea or Arabic-speaking terror groups such as ISIS.

WikiLeaks, whose founder Julian Assange remains holed up in the Ecuadorean Embassy in London, said Vault 7 was the most comprehensive release of US spying files ever made public.

Earlier this month WikiLeaks published thousands of documents claiming to reveal top CIA hacking secrets, including the agency's ability to infiltrate encrypted apps, break into smart TVs and phones and program self-driving cars.

It also claims the CIA can bypass the encryption of Whatsapp, Signal, Telegram, Wiebo, Confide and Cloakman by hacking the smart phones the applications run on.

The CIA was also looking at hacking the vehicle control systems used in modern cars and trucks, WikiLeaks claims.

Wikileaks said the release of confidential documents on the agency already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks.

Experts who've started to sift through the material said it appeared legitimate - and that the release was almost certain to shake the CIA.
Click to expand...

The current flavour for enemy of the US is China and Iran. Russia is in the good books because of Trump, who is beholden to Russia.
 
sweetiepie

sweetiepie

Alfrescian
Loyal
JohnTan said:
The COI heard that hackers first intruded into SingHealth's network in August 2017 after a user from the Singapore General Hospital fell prey to a phishing attack. The COI also heard that a middle manager of cyber security at IHiS, Mr Ernest Tan, was alerted to suspicious network activities as early as June 13 by his subordinate, system engineer Benjamin Lee.

But Mr Tan did not report them to higher management even after Mr Lee repeatedly said that the network was under attack. Mr Tan said he did not realise the severity of the incidents though he was told that attempts had been made to access 100,000 patient records.
Click to expand...
KNN Mr Tan mati liao ber and Mr Lee promoted ber KNN
 
Rogue Trader

Rogue Trader

Alfrescian (Inf)
Asset
winnipegjets said:
.. Russia is in the good books because of Trump, who is beholden to Russia.
Click to expand...
As expected from a liberal, you are too simple minded. The US administration has many factions with their own agendas. Trump the clown is hardly the man totally behind CIA and its shady dealings
 
W

winnipegjets

Alfrescian (Inf)
Asset
Rogue Trader said:
As expected from a liberal, you are too simple minded. The US administration has many factions with their own agendas. Trump the clown is hardly the man totally behind CIA and its shady dealings
Click to expand...

Right-wingers are definitely dumb. That's why Trump managed to win the Presidency. Trump didn't realize how stupid were right-wing Americans until he won the election. Now, he is playing them like fools. Trump himself is pretty dumb too ...that's why Putin is having a pretty good time.

The world is more complex than just focusing on oneself. If everyone to themselves, the planet is doomed. And the planet is on the way to doomsday until the progressives wake up to stop the right-wing agenda of planetary destruction.
 
C

congo9

Alfrescian
Loyal
So what if people tried to hack Singhealth , I think it is more of the incompetency and the attitudes towards the job these professional are task to perform has failed badly.
 
K

KuanTi01

Alfrescian (Inf)
Asset
In Singapore, the government will slap the OSA on any news that is embarrassing or unflattering. All enquiries and reports should be made public. Heads must roll!
 
You must log in or register to reply here.

Similar threads

duluxe
Recalling 2018 SingHealth's data including LHL's medical record got hacked by state sponsored hackers, the perpetrator could be CCP?
Replies
5
Views
744
duluxe
duluxe
meaninglesslife
Iswaran allowed to leave S’pore to help son settle in at Australia uni; case transferred to High Court
Replies
3
Views
701
millim6868
M
Papsmearer
Independent News Report on Iswaran corruption case
2
Replies
20
Views
2K
ODACHEK
ODACHEK
Hightech88
Iswaran’s corruption probe has had ‘big impact’ on West Coast GRC: Desmond Lee
2
Replies
33
Views
3K
laksaboy
laksaboy
P
Serious Decision on Investigating OBS to be Decided Soon!
Replies
4
Views
903
red amoeba
red amoeba
Top