Synapxe has conducted further and thorough investigations with the Cyber Security Agency of Singapore (CSA) into the internet connectivity disruption for public healthcare institutions on 1 November 2023. Investigations have confirmed that it was caused by a Distributed Denial-of-Service (DDoS) attack. There is also no evidence to indicate that public healthcare data and internal networks had been compromised.
2. Internet connectivity at public healthcare institutions was disrupted between 9.20am and 4.30pm on 1 November 2023. Throughout the incident, Synapxe was able to sustain the mission critical systems needed for clinical services and operations at the public healthcare institutions, which remained accessible and unaffected. Patient care was not compromised.
3. The incident is a stark reminder that DDoS attacks are on the rise, with changing attack methods that evade monitoring mechanisms. While DDoS attacks cannot be prevented, we can continue to evolve our defences against DDoS attacks.
4. The public healthcare sector has taken this opportunity to learn from the incident and make improvements. We will strengthen our system design to make it more resilient against such new forms of DDoS attacks in future. We will also improve our operating processes through a combination of enhanced monitoring, and tighter coordination between identification of the threats and activation of appropriate defensive measures. These changes will allow us to better respond against future attacks, and safeguard the reliability and accessibility of our public healthcare systems.