Like many other countries in Asia, companies in Singapore have been under siege – from ransomware attacks.
In August, a ransomware attack affected the personal data and clinical information of nearly 73,500 patients of Eye & Retina Surgeons, a private eye clinic. However, the clinic said it has not paid any ransom, and pointed out that no credit card or bank account information was accessed or compromised.
The Ministry of Health (MOH) said that the clinic’s compromised IT systems are not connected to the ministry’s IT systems, such as the National Electronic Health Record, and there have been no similar cyber attacks on MOH’s IT systems.
The ministry added that it has asked ERS to investigate the incident, carry out a thorough review of its systems and work with the Cyber Security Agency (CSA) to take immediate mitigating actions to strengthen its cyber defences, according to a report in Straits Times.
Further, ERS added that its IT system has been restored securely, and its IT providers have completed a thorough check of the clinic’s system, reformatted servers and run anti-virus scans on all computer terminals.
Measures will be taken to prevent the breach from recurring, the company said. ERS is working with the government authorities to investigate how the attack happened and with the help of security experts is also trying to identify potential areas where security can be tightened.
The clinic said in a statement that it uses reputable and established external IT service providers to advise on and maintain its IT systems, and subscribes to appropriate anti-virus and other protective software, which is regularly updated.
The numbers point to this trend too. Cyber Security Agency (CSA) figures showed that ransomware cases in Singapore surged 154 per cent from 35 cases in 2019 to 89 last year.
In the same month, insurer Tokio Marine Insurance Singapore was also hit by a ransomware attack. The company said that there was no indication of a breach of customer information nor confidential information of the Tokio Marine Group.
Similarly, on Aug 19, The Business Times reported that Temasek-backed payments platform company Pine Labs was subjected to a ransomware attack. Hackers had stolen confidential documents between Pine Labs and several Indian banks, and held the information hostage.
Singapore is not alone in battling the ransomware menace. Countries across Asia are taking steps to tackle this issue.
In August, South Korea’s Ministry of Science and ICT said it would strengthen support to small businesses that have weaker cybersecurity systems by offering them data back-up, encryption and restoration systems to protect their internal data in order to help restore their systems in ransomware attacks.
Cyberattacks using ransomware have been on the rise in South Korea, with 78 such attacks reported to the country’s internet security agency in the first half of the year, compared with 39 in 2019 and 127 cases in total last year.
A study by Vietnam’s Bach Khoa Antivirus Center (Bkav) found out that the country suffered a staggering loss of $1 billion (24 trillion Vietnamese Dong) due to cyberattacks.
What can companies do to prevent ransomware infections?
- Update and patch your computer. Ensure your applications and operating systems (OSs) have been updated with the latest patches. Vulnerable applications and OSs are the target of most ransomware attacks.
- Use caution with links and when entering website addresses. Be careful when clicking directly on links in emails, even if the sender appears to be someone you know. Attempt to independently verify website addresses (e.g., contact your organisation’s helpdesk, search the internet for the sender organization’s website or the topic mentioned in the email).
- Pay attention to the website addresses you click on, as well as those you enter yourself. Malicious website addresses often appear almost identical to legitimate sites, often using a slight variation in spelling or a different domain (e.g., .com instead of .net). Be wary of opening email attachments, even from senders you think you know, particularly when attachments are compressed files or ZIP files.
- Keep your personal information safe. Check a website’s security to ensure the information you submit is encrypted before you provide it.
- Verify email senders. If you are unsure whether or not an email is legitimate, try to verify the email’s legitimacy by contacting the sender directly. Do not click on any links in the email. If possible, use a previous (legitimate) email to ensure the contact information you have for the sender is authentic before you contact them.
- Inform yourself. Keep yourself informed about recent cybersecurity threats and up to date on ransomware techniques. You can find information about known phishing attacks on the Anti-Phishing Working Group website. You may also want to sign up for CISA product notifications, which will alert you when a new Alert, Analysis Report, Bulletin, Current Activity, or Tip has been published.
- Use and maintain preventative software programs. Install antivirus software, firewalls, and email filters—and keep them updated—to reduce malicious network traffic. (Source: US CERT)