COI Report – Part VII, Page 381 of 425
47 RECOMMENDATION #12: A SOFTWARE UPGRADE POLICY WITH FOCUS ON SECURITY MUST BE IMPLEMENTED TO INCREASE CYBER RESILIENCE #PREVENTION VIGILANCE #GOVERNANCE
1107. A software[108] upgrade is a newer or better version of the software, in order to bring the system up to date, which typically offers a significant change or major improvement over the current version. OS upgrades in particular can make significant changes to a system in functionality, security, user interface etc over the previous version.
1108. In CSA’s assessment, outdated software was a contributing factor to the Cyber Attack. For instance, there was a vulnerability in Microsoft Outlook which was exploitable by a publicly available hacking tool, which allowed the attacker to install malware on compromised workstations. Microsoft Outlook is part of the software package, Microsoft Office. As at August 2017, when the initial infection took place, only a few workstations in SingHealth were running an updated version of Microsoft Office, while the majority were still running the vulnerable version of Microsoft Office.
1109. Vivek testified that in general, newer versions of software are more secure than older versions, as they benefit from developments in secure coding practices. IHiS and CII operators in general must actively update their software so that outdated and unsupported software, which significantly increases exposure to security risks, is replaced on a timely basis.
1110. Upgrading software allows systems to benefit from additional protections and ensures that systems have the latest security solutions to help limit the cyber
[108] The term software as used in this recommendation refers both to systems software and application software. Systems software includes the programs that are dedicated to managing the computer itself, such as the operating system. Application software includes programs that are used to complete tasks, such as creating documents, spreadsheets, and publications, doing online research, sending email etc.