DDoS attack was cause behind internet connectivity outage for public healthcare institutions in Singapore, ETCIO SEA

/in


Investigations on the internet connectivity disruption for public healthcare institutions which happened on 1 November 2023 showed that the outage was caused by a Distributed Denial-of-Service (DDoS) attack, where the attackers flood servers with internet traffic to prevent legitimate users from accessing online services. As per national healthtech agency Synapxe, which is responsible for the IT operations that support the country’s public healthcare network, no evidence has been found to indicate that public healthcare data and internal networks have been compromised.

Internet connectivity at public healthcare institutions was disrupted between 9.20am and 4.30pm on 1 November 2023, with most of the affected services restored by 5.15pm. During the disruption, services requiring internet connectivity at public healthcare institutions, including websites, emails, productivity tools for staff, were inaccessible.

Throughout the incident, Synapxe was able to sustain the mission critical systems needed for clinical services and operations at the public healthcare institutions, including access to patient records. Patient data and the internal networks remained accessible and unaffected. Patient care was not compromised.

Synapxe’s networks are protected in a layered defence designed to detect and respond to cyber threats, including DDoS attacks. Its systems are also designed with redundancies for resilience, and these include system backups. To minimise the risks of being overwhelmed by higher-than-usual internet traffic, Synapxe subscribes to services which block abnormal surges in internet traffic before they enter our public healthcare network. In addition, once the traffic is cleared by the blocking service, firewalls are in place to allow only legitimate traffic into the network.

On 1 November 2023, an abnormal surge in network traffic was detected at 9.15am. This surge circumvented the blocking service, and overwhelmed Synapxe’s firewall behind the blocks. This triggered the firewall to filter out the traffic, and all the websites and internet-reliant services became inaccessible. Once the cause was identified, Synapxe…

Source…