Skip to main content

What do you think about our new look?

We've revamped our site to make it snappier, more accessible, and with an improved look and feel. Please let us know how we can serve you better. Give feedback

Ministry of Health
  1. Home
  2. Newsroom
  3. Average Number of Cyberattacks on Public Healthcare Institutions Annually
Parliamentary QA

Average Number of Cyberattacks on Public Healthcare Institutions Annually

22 November 2023

This article has been migrated from an earlier version of the site and may display formatting inconsistencies.

NOTICE PAPER NO. 2397
NOTICE OF QUESTION FOR WRITTEN ANSWER
FOR THE SITTING OF PARLIAMENT ON 22 NOVEMBER 2023

Name and Constituency of Member of Parliament
Mr Melvin Yong Yik Chye
MP for Radin Mas

Question No. 5213

To ask the Minister for Health (a) over the past five years, what is the average number of cyberattacks faced by our public healthcare institutions annually; (b) what safeguards are put in place to protect such critical systems; and (c) what allowed the cyberattack on 1 November 2023 to succeed in bringing a seven-hour disruption to the websites of several public healthcare institutions.

Answer

Synapxe receives and blocks an average of 3,000 malicious emails per day, and 1.7 million attempts to bypass internet-facing firewalls per month. 

Critical Information Infrastructure in the healthcare sector are regulated under the Cybersecurity Act. We adopt a layered Defence-In-Depth approach to safeguard our systems. In addition, we have an Advanced Security Operations Centre with detection and response capabilities; and incident response processes calibrated against actual security incidents and aligned to the National Cybersecurity Incident Response Framework. More than 10 cybersecurity Table-Top Exercises have also been conducted in the last five years. 

The internet connectivity disruption for public healthcare institutions on 1 November 2023 was triggered by abnormal spikes in internet traffic, also known as a Distributed Denial-of-Service (DDoS) attack. The abnormal traffic circumvented the anti-DDoS blocking services and overwhelmed the firewall. This caused the firewall to filter out the traffic, as well as other services requiring internet connectivity, including websites and internet-reliant services, which became inaccessible. 

Since the disruption, Synapxe has enhanced its anti-DDoS measures. The public healthcare sector will take this opportunity to learn from the episode, review its defences against DDoS attacks, and improve its incident response and recovery time.