The heist, which officials suggested may have been carried out by a nation-state, extracted only basic data on 850 government users
Singapore’s Ministry of Defence, Mindef, said basic personal information on 850 national servicemen and staff were stolen from an Internet-facing network in what it called a “targeted and carefully planned” attack.
The individuals’ national ID numbers, telephone numbers and dates of birth were stolen from a system called I-net which provides staff with Internet access for personal communications and viewing the web on thousands of dedicated terminals within Mindef’s premises, as well as armed forces camps and premises.
‘Targeted and carefully planned’
I-net holds no classified information and is not linked to the ministry’s more sensitive internal systems, which have no connection to the Internet.
The ministry said this was the first time I-net has been breached.
“The attack on I-net appeared to be targeted and carefully planned,” it said in a statement. “The real purpose may have been to gain access to official secrets, but this was prevented by the physical separation of I-net from our internal systems.”
It said the country’s Cyber Security Agency and Government Technology Agency had been ordered to probe other government systems, but had found no evidence of an intrusion there.
The attack was discovered in early February and the ministry said it delayed disclosure while the investigation was carried out.
David Koh, the ministry’s deputy secretary of technology, was cited in local media reports as suggesting the attack may have been orchestrated by a nation-state.
“The attack did not come from camps or internal systems,” he said. “Neither was it the work of casual hackers or criminal gangs.”
Infrastructure under attack
The ministry said it disconnected the affected server upon discovering the attack, but allowed I-net to continue to function. The vulnerabilities used to hack the server have been fixed, according to Koh.
Singapore last year pushed ahead with a security regime aimed at disconnecting government internal systems from the public Internet, a policy some departments, including the defence and foreign affairs ministries, had already put into place.
The Queen earlier this month formally opened the National Cyber Security Centre (NCSC), aimed at protecting the UK’s government and critical infrastructure systems from Internet-based attacks.
Ahead of the launch event NCSC head Ciaran Martin said the UK had been hit by 188 serious cyber attacks in the three months since the NCSC had begun operations, while chancellor Phillip Hammond estimated the government had blocked more than 34,000 “potential attacks” on government departments and members of the public over the previous six months.
Do you know all about security in 2017? Try our quiz!