A breach in an Internet-connected system at the Ministry of Defence (MINDEF) earlier this month has resulted in the personal data of 850 national servicemen and employees being stolen, the ministry said on Tuesday (Feb 28).
No classified military data were stolen in the breach of the I-net system, MINDEF said. Classified military information is stored on a separate system that is not connected to the Internet and has more stringent security features, it added.
The I-net system is used by national servicemen and MINDEF employees to access the Internet via dedicated terminals in ministry premises and Singapore Armed Forces (SAF) camps.
The stolen personal data include NRIC numbers, telephone numbers and dates of birth – information which was stored on the system for account management, such as to track usage and surfing behaviour. No passwords were lost, the ministry said.
The affected server was disconnected after the breach was discovered, with immediate and detailed forensic investigations conducted on the entire I-net system to determine the extent of the attack, MINDEF said.
ATTACKS WERE TARGETED, WELL-PLANNED: MINDEF
According to MINDEF, the attack originated online and not from an SAF camp, and the aim was to gain access to official secrets.
“The attacks were targeted and well-planned. Based on our investigations, they are not the work of casual hackers or criminal gangs,” said MINDEF’s Deputy Secretary for Technology David Koh.
Mr Koh, who also leads the Government’s Cyber Security Agency (CSA), added that the physical, multi-layered separation of I-net from internal systems prevented the attackers from being able to penetrate deeper into internal systems containing classified military information.
MINDEF said it has informed CSA and the Government Technology Agency of Singapore to investigate other government systems. No breaches of these systems have been detected so far.
As a precaution, all other computer systems in MINDEF and SAF will be checked, it added.
HELPDESK TO BE SET UP FOR AFFECTED PERSONNEL
Within the week, the ministry will contact the national servicemen and employees who had their data stolen. They will be advised to change their passwords for other systems that may use the stolen personal information, and to report any unusual activity in the use of their personal information to MINDEF or SAF. A special helpdesk will also be set up to assist them.
On why the breach was not announced earlier, MINDEF said it needed to maintain operational security and to conduct its investigation. It added that a press briefing was called once the extent and severity of the breach were clear.
Despite the incident, MINDEF said it will not cut off Internet access for national servicemen and employees, but will continue to strengthen its cyberdefence as the level of attacks rises.
“It’s no secret that government agencies, including MINDEF, are prime targets, and we are under constant cyberattack. Because of this we need to continually be vigilant and improve our cyber defences so that we remain resilient against cyberattacks,” said Mr Koh.
This is the first such cybersecurity breach in MINDEF. Other significant cyberattacks on the Singapore Government include the breach of the Foreign Affairs Ministry’s IT system in 2014, and the hacking of the Istana and Prime Minister’s Office websites in 2013.