Singapore's Defense Ministry Hit With First Major Cyber Attack

 Singapore's government has been the latest victim of a cyber crime. There has been a hack in the internet access (I-net) of the agency which has led to the access of personal data.  Investigations revealed that basic personal data, comprised of NRIC numbers, telephone numbers, and dates of birth of around 850 servicemen and employees was stolen from I-net.

The I-net system is an internet access system used by national servicemen and MINDEFF employees to send emails communication and for their internet surfing. The system allows their employees to use terminals within the ministry premises and SAF's (Singapore's Armed Forces) camps.   

When did the hack take place & why?

David Koh, the deputy of MINDEFF has stated "The hack took place early in February and appears to have been "targeted and carefully planned".  The purpose of the attacks may have been "to gain access to official secrets."  "No classified military information is stored on I-net. NRIC numbers, telephone numbers and dates of birth are required for I-net account management and these are stored on I-net. Classified matters in MINDEF/SAF use a different computer system with a more stringent security features and are not connected to the Internet. "3

Who was behind the Cyber Theft?

The investagation is still ongoing, however, David Koh has stated "Based on our investigations, [the attack was] not the work of casual hackers of criminal gangs". David Koh also mentioned that this cyber attack on their online server was  "targeted and carefully planned.

New Trend of Cyber Attacks?

Cyber attacks on mutiple government systems are becoming very common. It was reported that last year the Russian government allegedly hacked into the US Democratic party's computer network which had led to information on 2016's presdential election.   Below is a list of the most recent cyber attacks from Wikipedia: 

These attacks relate to stealing information from/about government organizations.

• 2008 cyberattack on United States, cyber espionage targeting U.S. military computers
• Cyber attack during the Paris G20 Summit, targeting G20-related documents including financial information
• GhostNet
• Moonlight Maze
• Operation Newscaster, cyber espionage covert operation allegedly conducted by Iran
• Operation Cleaver, cyberwarfare covert operation allegedly conducted by Iran
• Shadow Network, attacks on India by China
• Titan Rain, targeting defense contractors in the United States
• Google – in 2009, the Chinese hackers breached Google's corporate servers gained access to a database containing classified information about suspected spies, agents, and terrorists under surveillance by the US government.^[6]
• Gauss trojan, discovered in 2012 is a state-sponsored computer espionage operation that uses state-of-the-art software to extract a wealth of sensitive data from thousands of machines located mostly in the Middle East.^[7]
• Office of Personnel Management data breach—Dec 2014 breach of data on U.S. government employees
• A six-month-long cyber-attack on the German parliament for which the Sofacy Group is suspected took place in December 2014.^[8]
• The Sofacy Group is also suspected to be behind a spearphishing attack in August 2016 on members of the Bundestag and multiple political parties such as Linken-faction leader Sahra Wagenknecht, Junge Union and the CDU of Saarland.^{[9][10][11][12]} Authorities fear that sensitive information could be gathered by hackers to later manipulate the public ahead of elections such as Germany's next federal election due in September 2017.^[9]

Sources:

1. http://www.ehackingnews.com/2017/03/singapores-defence-ministry-hit-by-1st.html
2. https://www.cnet.com/news/first-successful-cyberattack-hits-singapores-ministry-of-defence/
3. https://www.mindef.gov.sg/imindef/press_room/details.html?name=28feb17_nr&date=2017-02-28#.WOzpPojyvcs
4. https://en.wikipedia.org/wiki/List_of_cyber-attacks