Table of contents exchange of letters with the minister executive summary


EVENTS OF 14 TO 25 JUNE 2018 ................................................................ 138



Date: 27.11.2023
Report of the COI into the Cyber Attack on SingHealth 10 Jan 2019
23 EVENTS OF 14 TO 25 JUNE 2018 ..... 138
  23.1 Monitoring access to the Citrix servers and the SCM database ..... 138
  Forensic investigations into the PHI 1 Workstation and Workstation C ..... 138
  Obtaining of Citrix server system event logs on 19 and 20 June 2018 ..... 139
  23.4 Ernest’s actions after his return to Singapore on 18 June 2018 ..... 139
  Assessment of IHiS’ incident response from 14 to 25 June 2018 ..... 142
24 EVENTS OF 26 JUNE 2018 ..... 144
  24.1 Detecting a failed attempt at logging into the SCM database from Citrix Server 2 ..... 144
  Investigating further into the use of VM 2 and the SA. account to login to Citrix Server 2 ..... 144
  Identifying and seizing Workstation B ..... 146
  Imposing firewall blocks for the IP address range for the second IP address ..... 146
  Discovering background processes being run on Citrix Server 2 ..... 147



COI Report – Part IV
Page 99 of 425

  24.6 Discovering the use of the DA. account to access Citrix Server 3 from Citrix Server 2 and that the system event logs for these servers were deleted ..... 147
  Discussions between Ernest and the CERT on the events of 26 June 2018 ..... 148
  Assessment of IHiS’ incident response of 26 June 2018 ..... 148
25 EVENTS OF 27 JUNE TO 3 JULY 2018 ..... 150
  25.1 Further investigations into Workstation B ..... 150
  Assessment of IHiS’ incident response from 27 June to 3 July 2018 ..... 151
