The Singaporean Defence Ministry was hit by a cyber attack, no secrets were exfiltrated

Pierluigi Paganini February 28, 2017

The Singaporean Defence Ministry confirmed that threat actors have breached government systems stealing personal information of its employees.

On Tuesday, the Defence Ministry confirmed that unknown hackers have breached government system and have stolen personal information belonging about 850 Singapore national servicemen and employees.

Data accessed by hackers includes telephone numbers, dates of birth, and national ID numbers.

According to the Singaporean Defence Ministry the hackers were searching for official secrets.

The Singaporean Defence Ministry discovered the security breach this month, the hackers penetrated the I-net system that provides Internet access to national servicemen and employees for their personal communications or Internet surfing.

I-net computer terminals are used in both MINDEF and Singapore Armed Forces (SAF) camps and premises. The nature of the attack suggests investigators the attackers are politically motivated.

According to the ministry, the hackers haven’t exfiltrated classified military information because it is not accessible from the I-net.

“Classified matters in MINDEF/SAF use a different computer system with more stringent security features and are not connected to the Internet,” the official statement published on its website stated.

“The attack on I-net appeared to be targeted and carefully planned,” it said.

“The real purpose may have been to gain access to official secrets, but this was prevented by the physical separation of I-net from our internal systems,” MINDEF added.

“We will continually strengthen our cyber defenses as the level of targeted attacks is expected to continue and rise,”

The ministry told the Cyber Security Agency and the Government Technology Agency to extend the investigation to other government systems, fortunately, at the time I was writing no other security breach had been discovered by the experts.

In middle 2015, the Government of Singapore announced the separation of civil servants’ work computers from the Internet in order to secure Government networks. The measure was aimed at preventing cyber attacks that could inject malware into the government email network.

The local news agency The Straits Times reported that the measure impacted some 100,000 computers.

Even before the announcement a number of ministries in Singapore, including the defence and the foreign affairs ministries, had been using separate systems to access the Internet.

Singaporean Defence Ministry

The Government and national infrastructure are a privileged target of hackers, in 2014 a section of the prime minister’s website, as well the website of the presidential residence were targeted by unknown attackers.

In December 2015, experts at FireEye discovered a stealthy botnet relying on a backdoor called LATENTBOT that compromised companies around, including Singapore. In January, a new variant of the infamous Tinba banking trojan has emerged in the wild and targeted financial institutions in the Asia Pacific region, including Singapore.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Singaporean Defence Ministry,  security)



you might also like

leave a comment