
Cyber-attacks and data breaches can happen to any individual, practice or organisation

It is dangerous to assume that cyber-attacks and data breaches only affect large hospitals and healthcare organisations. Perpetrators often target practices or organisations that are the least prepared to deal with cyber-attacks, as they require the least effort to exploit. Furthermore, it is often not a question of whether these attacks or breaches will occur, but when. As such, it is critical for businesses and practices to know how to react in the event of any potential attack.


What should I do?

Before an incident occurs, organisations should have an appropriate incident response plan in place. The plan should identify the security expert or personnel who will provide direction on ways to remediate the incident.

If you have been hacked, or suspect that you have been, the incident response plan should be executed. Broadly, this should entail performing a security check on all affected system accounts and reporting the incident to the relevant authority. The plan should also describe steps that staff can take following the incident in question. For example, in an email phishing incident, the plan should document the appropriate responses to take: (i) identify malicious emails and delete them; (ii) proactively block the websites (URLs) in question; and (iii) identify malware that might have been installed on your systems.

If you do encounter cyber-incidents, you are strongly encouraged to report them to SingCERT at https://www.csa.gov.sg/singcert/reporting. This includes incidents such as:

  • Phishing, extortion and scam emails (send the email header to the Cyber Security Agency (CSA) through CSA’s Report a Phishing Email initiative)
  • Phishing websites
  • Ransomware attacks
  • Website defacements
  • Malware hosting/Command and Control Servers
  • Unauthorised attempts (either failed or successful) to disrupt or gain access to a network, system or its data

Cybercrime is a serious criminal offence in Singapore, and the Police are the relevant authority for investigating such offences. If you think you may have been the victim of a cybercrime, you should also lodge a police report at https://eservices.police.gov.sg/.

In addition, consider whether your organisation needs to notify the Personal Data Protection Commission (PDPC) and/or affected individuals of a data breach (e.g. if the breach is likely to result in significant harm to the affected individuals to whom the information relates, OR if the breach is of a significant scale, involving the personal data of 500 or more individuals).