You are here
Mindef's Internet system breached in cyberattack
THE Defence Ministry (Mindef) fell victim in early February to a major cyberattack on its Internet system that resulted in the personal details of about 850 of its servicemen and employees being stolen.
This was the first time that its I-net system was breached.
The ministry said that the possible intent of the perpetrators could have been to gain access to official secrets. It stressed that no classified military information was compromised, as this data is stored in a separate system.
Speaking to reporters on Tuesday, Mindef deputy secretary for technology David Koh described the attacks, which were carried out remotely over the Internet, as "targeted and well planned".
"Based on our investigations, it is not the work of casual hackers or criminal gangs," said Mr Koh, who is also the chief executive of the government's Cyber Security Agency (CSA).
The I-net system enables national servicemen and Mindef employees to access the Internet via dedicated computer terminals in the ministry and at Singapore Armed Forces (SAF) camps and premises.
The stolen personal data - NRIC numbers, telephone numbers and birth dates - was stored on the system for account management.
All users have to log in to I-net with their accounts to use the terminals. Mindef said that no passwords were lost as a result of the breach.
Mr Koh added that the ministry's multi-layered approach to cyberdefence prevented the attackers from penetrating deeper into the part of the system containing classified military information.
Once the breach was detected, Mindef disconnected the affected server from I-net and immediatly carried out detailed forensic investigations on the entire system; all other computer systems within Mindef and the SAF are also being investigated.
Mindef has also informed the CSA - the national agency overseeing Singapore's cybersecurity - and the Government Technology Agency of Singapore to investigate other government systems. The ministry confirmed that no other breaches have been found so far.
Despite the incident, both Mindef and SAF will continue to provide Internet access to their servicemen and employees, while beefing up efforts to strengthen cyberdefences "as the level of targeted attacks is expected to continue to rise".
Mr Koh said: "It's no secret that government agencies, including Mindef, are prime targets and we are under constant cyberattack. Because of this, we'll need to continually be vigilant and improve our cyberdefences so that we remain resilient."
While the investigations are ongoing, Mindef said that it would contact the 850-odd personnel affected by the I-net breach within this week.
They will be informed that their personal data has been stolen and be asked to change their passwords for other systems if these use any of the stolen information. A special helpdesk has also been set up to assist them.
Mr Koh said: "Mindef is sorry for the inconvenience and potential harm that this cyber breach has caused."
Some security specialists told BT that the cyberattack on Mindef could have been sponsored by other states.
Bill Taylor-Mountford, the vice-president (Asia-Pacific & Japan) of American security intelligence company LogRhythm said that Mindef's "quick detection and subsequent corrective actions" to rectify the breach probably mitigated the damage and prevented critical data from being stolen.
"The attack shows that even the most fortified cyberdefences can be breached by persistent, and possibly state-funded attackers. While preventive measures are still a mandatory part of a muti-layered defence, this incident highlights the importance of reducing the time to detect and respond to such threats," he said.
Sanjay Aurora, managing director (Asia-Pacific) of UK-based cybersecurity firm Darktrace, said that the breach heralds the new era of "trust attacks", which aim to erode faith in the integrity of a country's data and the public institutions that host it.
"Ultimately, everyone is a target and attackers will get in. The important question is how we can stop the threat already inside the network, before it escalates into a crisis."
The Mindef breach was not the first time that the Singapore government has been on the receiving end of a successful cybersecurity attack. Other significant incidents include a breach of the Foreign Ministry's IT system in 2014 and the hacking of the Istana and Prime Minister's Office websites the year before that.