Written Answer to Unanswered Oral Question

Lessons from Seven-hour Disruption to Websites of Major Public Healthcare Institutions on 1 November 2023

22 November 2023 · Ministry of Health

Speakers

Jessica Tan Soon Neo (Deputy Speaker) Poh Li San Pritam Singh (Leader of the Opposition) Ong Ye Kung (Minister for Health)

Summary

This question concerns the causes, impact, and mitigation strategies regarding the seven-hour disruption to public healthcare websites on 1 November 2023. Ms Poh Li San, Mr Pritam Singh, and Ms Jessica Tan Soon Neo inquired about the motives behind the incident and measures to prevent recurrence. Minister for Health Ong Ye Kung explained that a Distributed Denial-of-Service (DDoS) attack overwhelmed firewalls, while mission-critical systems and patient records remained accessible. He highlighted that patient care was not compromised and there was no evidence of any data or internal network breaches. Consequently, the healthcare sector will review its defences and improve incident response and recovery times to keep pace with evolving cyber threats.

Transcript

32 Ms Poh Li San asked the Minister for Health (a) what caused the inaccessibility of the websites of major public hospitals and polyclinics for more than seven hours on 1 November 2023; (b) what was the impact on users of these websites; (c) what lessons were learnt from this disruption; and (d) what measures will be put in place to mitigate the risks and prevent the reoccurrence of similar disruptions.

33 Mr Pritam Singh asked the Minister for Health (a) what was the cause of the seven-hour disruption to the websites of several public healthcare institutions on 1 November 2023; and (b) what remedial measures have been instituted to mitigate against future disruptions.

34 Ms Jessica Tan Soon Neo asked the Minister for Health (a) whether the Ministry has any insight on the motive of the distributed denial-of-service attack on 1 November 2023 which caused disruptions to polyclinics and other public healthcare institutions; and (b) what are the implications on healthcare and other services provided by public healthcare institutions as reports indicate that such attacks are likely to continue.

Mr Ong Ye Kung: The Internet connectivity disruption for public healthcare institutions on 1 November 2023 was triggered by abnormal spikes in Internet traffic, also known as a Distributed Denial-of-Service (DDoS) attack. The abnormal traffic circumvented the anti-DDoS blocking services and overwhelmed the firewall. This caused the firewall to filter out the traffic, as well as other services requiring Internet connectivity, including websites and Internet-reliant services, which became inaccessible.

Throughout the incident, patient care was not compromised. Mission critical systems needed for clinical services and operations at the public healthcare institutions, including access to patient records, continued uninterrupted. There has been no evidence to indicate that public healthcare data and internal networks have been compromised.

DDoS attacks are on the rise, with changing attack methods. Those who deploy them have a variety of motives, from hacktivism to petty misdemeanor. The defences against DDoS attacks will have to constantly evolve to keep up with developing threats. The public healthcare sector will take this opportunity to learn from the episode, review its defences against DDoS attacks and improve its incident response and recovery time.