Major Cybersecurity Issues in Healthcare Facing Singapore

 

According to the Cyber Security Agency of Singapore’s (CSA) Singapore Cyber Landscape Report in 2020, the healthcare sector is one of the top three targets of ransomware in Singapore, with a 154% collective increase from pre-pandemic days in 2019. Given this rise in cybersecurity issues in healthcare, doctors must be aware of the specific digital risks they may face in their daily clinic operations and the steps they can take to mitigate them.

cybersecurity issues in healthcare

In this article, we will explore the major cybersecurity issues facing the healthcare sector in Singapore. By examining these issues in detail, we aim to equip healthcare organizations with the knowledge needed to enhance their cybersecurity practices and protect sensitive patient information in an increasingly digital landscape.

 

Current situation of cybersecurity issues in healthcare In Singapore

 

As healthcare becomes more digitalized with networked systems and software medical devices, providers are increasingly connected, enhancing patient care. Secure health information sharing is crucial as we move towards mandatory contributions of selected patient records to the National Electronic Health Records (NEHR) under the future Health Information Bill (HIB).

 

The Cybersecurity Agency of Singapore (CSA) reports a growing scale of cybercrimes, with 33,669 cases in 2022. The healthcare sector remains a top target for ransomware attacks, underscoring the importance of addressing cybersecurity issues in healthcare. As some providers still use paper records, securing these alongside digital systems is vital, ensuring both are protected.

 

Watch more: 10 Leading Cyber Security Platforms for Singapore Enterprises

 

Common Cybersecurity Issues in Healthcare of Singapore

 

Data Breach 

 

Cybersecurity issues in healthcare information technology pose significant risks to patients and healthcare facilities in Singapore. A data breach can expose sensitive information, such as social security numbers and medical records, leading to identity theft and financial fraud. Medical facilities may also face financial losses and reputational damage from such breaches.

 

Failing to update cybersecurity systems, and overlooking additional security measures leave businesses vulnerable to cybercriminals. In 2020, a cyberattack on AXA Insurance’s health portal in Singapore compromised the personal data of 5,400 customers

 

Although the breach involved contact information and dates of birth, it did not include financial details. This incident prompted AXA to review its IT security and control measures, emphasizing the critical need for vigilance in cybersecurity across all sectors.

 

Malware and Ransomware

 

Malware attacks are among the most prevalent cybersecurity issues in healthcare. Healthcare organizations are particularly susceptible to malware and ransomware attacks due to their large amounts of sensitive patient data, which is highly valuable to cybercriminals.

 

Ransomware, a type of malware, encrypts a victim’s files and demands a ransom for their release. Such attacks can severely disrupt healthcare delivery and compromise patient data, leading to substantial financial losses. A notable example is the 2016 ransomware attack on Hollywood Presbyterian Medical Center.

 

In 2021, ransomware cases surged by 54%, and phishing attempts on Singapore targets increased by 175% in 2022, with the banking and healthcare sectors being the most frequently spoofed. These trends highlight the ongoing threat of cybercrime and the necessity for continuous vigilance and improvement in cybersecurity. 

 

Strengthening network security and managing internet traffic effectively can help protect businesses from malware and ransomware attacks.

 

DDoS attacks

 

Distributed Denial of Service (DDoS) attacks are one serious cybersecurity issues in healthcare to clinics and medical organizations. These attacks disrupt normal network or system operations by overwhelming them with traffic from multiple sources, potentially crippling essential services.

 

In 2023, a DDoS attack on November 1st targeted the websites of Singapore’s public healthcare institutions, causing an hours-long outage. While critical healthcare services remained operational, internet-dependent services such as websites, emails, and productivity tools were inaccessible during the disruption.

 

DDoS attacks can prevent medical providers from accessing electronic medical records, scheduling appointments, or communicating with patients, leading to treatment delays and potentially harmful outcomes. Additionally, DDoS attacks may be used to access sensitive patient data, including personal information, medical records, and insurance details, which can then be sold on the black market.

 

Watch more: Enhancing Cybersecurity with Web Penetration Testing in Australia

 

Phishing attacks

 

Phishing attacks have become a major cybersecurity issue in the healthcare industry. In 2022, the Singapore Cyber Emergency Response Team (SingCERT) reported approximately 8,500 phishing attempts, more than double the 3,100 cases handled in 2021. These attacks involve fraudulent emails or websites designed to deceive individuals into disclosing sensitive information, such as credit card details or login credentials.

 

In healthcare, phishing attacks can result in the theft of protected health information, leading to severe consequences for both patients and organizations. Typically, weak or similar passwords, such as adding digits to a clinic’s name or using easily found contact information, create significant vulnerabilities. Using such passwords for critical accounts like clinic emails and CMS exposes sensitive data to hackers. 

 

The 2018 SingHealth breach is a prime example; hackers initially gained access through a phishing email and later breached administrator accounts with easily guessable passwords, as noted in the PDPC’s report.

 

Cybercriminals often exploit employees’ lack of awareness in identifying phishing attempts. To combat these cybersecurity issues in healthcare and protect the organization, it is crucial to combine technological defenses with ongoing education and training for staff.

 

SmartOSC Cybersecurity Solutions for Healthcare

 

Cybersecurity Solutions We Offer

 

In an era of increasing digitalization, healthcare organizations face complex cybersecurity challenges. SmartOSC offers comprehensive cyber security solutions tailored to the healthcare sector, ensuring the protection of sensitive patient data and the integrity of healthcare systems.

 

  • Mobile Security: Fortify your healthcare mobile ecosystem against evolving cyber threats with robust app and device protection.
  • Threat Intelligence: Reduce and mitigate business risks with data-driven, industry-relevant intelligence, delivered through multi-disciplinary analytic services tailored to healthcare.
  • Application Security: Secure healthcare applications end-to-end, from ideation through design, development, testing, and deployment, ensuring the highest standards of security.
  • Cloud Security: Protect your healthcare organization’s digital foundation by embedding security at every stage of the lifecycle, safeguarding applications, workloads, containers, and all cloud types.
  • Network Security: Safeguard healthcare data flow, communications, and sensitive information with advanced threat detection and preventive measures.
  • Endpoint Security: Ensure a robust defense against malicious activities targeting healthcare endpoints, integrating pioneering detection and response with real-time prevention across all key attack surfaces.

 

Case Study: Raffles Connect

 

CareHealth partnered with Raffles Medical Group, a leading private healthcare provider in Asia, to launch Raffles Connect – a holistic and personalized platform offering health and wellness services.

 

Strategic Solutions for Healthcare Security:

 

    • Automation Testing: SmartOSC helped CareHealth expand its automation testing coverage, allowing the manual QA team to focus on strategic testing activities. By integrating additional automation resources, CareHealth improved efficiency and test coverage.
    • Infrastructure and Environment Segregation: SmartOSC assisted CareHealth in segregating their AWS environment into multiple accounts to enhance security. This approach limits access to sensitive data and protects against potential threats, ensuring a secure and resilient platform.

 

  • Feature Development Augmentation: To speed up feature development, CareHealth collaborated with SmartOSC to bolster their engineering team. SmartOSC contributed to backend functionalities, frontend performance, and new features, resulting in a more responsive and feature-rich application.

 

SmartOSC is committed to helping healthcare organizations navigate the complexities of cybersecurity issues in healthcare, ensuring that patient data and healthcare systems remain secure and resilient against evolving cyber threats.

 

Conclusion

 

The increase in cybersecurity issues in healthcare highlights the need for Singapore’s healthcare organizations to address digital risks proactively. With rising threats like ransomware, it’s crucial to implement strong cybersecurity measures to protect sensitive patient information.

 

For expert help in tackling these challenges, SmartOSC offers tailored cybersecurity solutions for the healthcare sector. Contact us today to enhance your security defenses and safeguard your organization from evolving cyber threats.

Related blogs

Learn something new today