Table of contents exchange of letters with the minister executive summary



Download 5.91 Mb.
View original pdf
Page222/329
Date27.11.2023
Size5.91 Mb.
#62728
1   ...   218   219   220   221   222   223   224   225   ...   329
Report of the COI into the Cyber Attack on SingHealth 10 Jan 2019

COI Report – Part VII
Page 268 of 425

(c) ATP which analyses URLs and attachments in virtualised machines.
779. Vivek’s expert opinion is that IHiS needs to implement advanced malware detection on incoming emails as emails remain one of the most preferred means by which advanced attackers target organisations. Phishing emails allow the attacker to get to a person with the right kind of message to lure that person into clicking on the email, attachment, link etc. In the process, the attacker gains a foothold in the network. Vivek also recommends that alerts be configured such that every advanced malware detection is treated with high priority. Protecting emails from advanced malware will go along way in stopping cyber attacks at the point of entry.
780. We recommend that IHiS, together with CSA, review the efficacy of the email-protection measures that are currently in place, as testified to by Leong
Seng. With such measures in place, the questions that need answering are Why did the phishing emails go undetected Was there a failure in technology Were the emails cleared as benign, when they were in fact malicious Was the malicious code not detected because the systems currently in place are signature- based, and the code had not been seen in the wild before Was it a process failure Were the emails flagged as malicious, but alerts/blocking were not triggered as required
781. These are crucial questions that must be answered in order for IHiS, working with CSA, to ensure that adequate email protection measures are in place henceforth.


COI Report – Part VII
Page 269 of 425

38 RECOMMENDATION #3: STAFF AWARENESS ON
CYBERSECURITY MUST BE IMPROVED TO ENHANCE
CAPACITY TO PREVENT, DETECT, AND RESPOND TO
SECURITY INCIDENTS
#PREVENTION DETECTION RESPONSE PEOPLE DEVELOPMENT
782. Employees can be the first line of defence in a cyber attack, but they can also bean organisation’s Achilles heel. If employees do not understand security policies and procedures, how to mitigate risks, or are not prepared to respond to a security breach, they are potentially contributing, whether intentionally or not, to breaches in cybersecurity.
783. Even the best technological solutions can be circumvented by lax security practices by end-users. For example, in the case of the Cyber Attack, CSA’s hypothesis is that the attacker gained its initial foothold via a phishing email.
784. It is thus important to inculcate in all staff a culture of good cyber hygiene, and the understanding that cybersecurity is everyone’s responsibility, not just that of the IT department.
785. Having strong security technology is not enough. This is in recognition of the fact that cybersecurity is both a science and an art. Even if one is able to achieve the science (i.e. all the technical capabilities, it can be undermined by people who are untrained in the art. Training employees in cybersecurity is therefore a priority. Adequate training for personnel can dramatically decrease the likelihood of a successful cyber attack.

Download 5.91 Mb.

Share with your friends:
1   ...   218   219   220   221   222   223   224   225   ...   329



The database is protected by copyright ©ininet.org 2024
send message
    Main page
united states
total number
vast majority
federal government
other side
next generation
supreme court
information contained
current state
executive director
national association
middle east
east coast
general assembly
private sector
same time
west coast
united kingdom
united nations
total amount
full range
highest level
soviet union
european union
national academy