COI Report – Part IV
Page
101 of
425 18 PRELIMINARY MATTERS 18.1 Introduction to this Part 288.
In this Part, the Committee presents its findings in respect of TOR #2 for events up until 10 July 2018, when CSA was notified. Although TOR #2 refers to establishing how IHiS
and SingHealth
responded to the Cyber Attack, the facts show that the incident response up until 10 July 2018 was within the domain of
IHiS, and there was no involvement of SingHealth in this period.
289. The Committee’s findings on the events are largely set out in a chronological fashion in order to better reflect the sequence of events and the state of
mind of the persons involved, and to better contextualise their acts and omissions. Following the account of the events of each day or period of days, and where appropriate, the Committee will also provide its assessments of the incident response by the persons involved. In the course of making
its findings and assessments, the Committee will highlight facts and issues that would subsequently inform the recommendations that the Committee makes in respect of TORs #3, #4, and #5.
290. In making its findings, the
Committee will also highlight, based on CSA’s evidence, the various points prior to 10 July 2018 where CSA ought to have been informed in accordance with the NCIRF. Had these missed opportunities been taken up by IHiS, CSA could have been involved before the unauthorised access to the SCM database began on 26 June 2018, and the attack could have been prevented or its impact significantly mitigated. These missed opportunities are similarly instructive for the recommendations that the Committee makes in respect of TORs #3, #4, and #5.
Share with your friends: 
