Mr Pritam Singh asked the Minister for Health (a) what was the cause of the seven-hour disruption to the websites of several public healthcare institutions on 1 November 2023; and (b) what remedial measures have been instituted to mitigate against future disruptions.
Mr Ong Ye Kung: The Internet connectivity disruption for public healthcare institutions on 1 November 2023 was triggered by abnormal spikes in Internet traffic, also known as a Distributed Denial-of-Service (DDoS) attack. The abnormal traffic circumvented the anti-DDoS blocking services and overwhelmed the firewall. This caused the firewall to filter out the traffic, as well as other services requiring Internet connectivity, including websites and Internet-reliant services, which became inaccessible.
Throughout the incident, patient care was not compromised. Mission critical systems needed for clinical services and operations at the public healthcare institutions, including access to patient records, continued uninterrupted. There has been no evidence to indicate that public healthcare data and internal networks have been compromised.
DDoS attacks are on the rise, with changing attack methods. Those who deploy them have a variety of motives, from hacktivism to petty misdemeanor. The defences against DDoS attacks will have to constantly evolve to keep up with developing threats. The public healthcare sector will take this opportunity to learn from the episode, review its defences against DDoS attacks and improve its incident response and recovery time.
Ministry of Health
22 November 2023
https://sprs.parl.gov.sg/search/#/sprs3topic?reportid=written-answer-na-15212
Office of the Leader of the Opposition 