22nd Nov 2023
NOTICE PAPER NO. 2397
NOTICE OF QUESTION FOR WRITTEN ANSWER
FOR THE SITTING OF PARLIAMENT ON 22 NOVEMBER 2023
Name and Constituency of Member of Parliament
Mr Melvin Yong Yik Chye
MP for Radin Mas
Question No. 5213
To ask the Minister for Health (a) over the past five years, what is the average number of cyberattacks faced by our public healthcare institutions annually; (b) what safeguards are put in place to protect such critical systems; and (c) what allowed the cyberattack on 1 November 2023 to succeed in bringing a seven-hour disruption to the websites of several public healthcare institutions.
Answer
Synapxe receives and blocks an average of 3,000 malicious emails per day, and 1.7 million attempts to bypass internet-facing firewalls per month.
Critical Information Infrastructure in the healthcare sector are regulated under the Cybersecurity Act. We adopt a layered Defence-In-Depth approach to safeguard our systems. In addition, we have an Advanced Security Operations Centre with detection and response capabilities; and incident response processes calibrated against actual security incidents and aligned to the National Cybersecurity Incident Response Framework. More than 10 cybersecurity Table-Top Exercises have also been conducted in the last five years.
The internet connectivity disruption for public healthcare institutions on 1 November 2023 was triggered by abnormal spikes in internet traffic, also known as a Distributed Denial-of-Service (DDoS) attack. The abnormal traffic circumvented the anti-DDoS blocking services and overwhelmed the firewall. This caused the firewall to filter out the traffic, as well as other services requiring internet connectivity, including websites and internet-reliant services, which became inaccessible.
Since the disruption, Synapxe has enhanced its anti-DDoS measures. The public healthcare sector will take this opportunity to learn from the episode, review its defences against DDoS attacks, and improve its incident response and recovery time.