Contact Contact Us

SingHealth Cyber Attacker Used Customised Malware and Tried to Attack Network Again Amid Investigation

The Committee of Inquiry (COI) into the SingHealth cyberattack in June heard that the attacker had installed a customised malware that had not been seen elsewhere and used modified open source tools that evaded anti-virus software. The tools, techniques, and procedures used by the attacker fit the profile of an Advanced Persistent Threat (APT) group. Furthermore, the attacker had attempted to attack SingHealth’s network again on July 19, amid investigations of their earlier attack. The attacker had established multiple footholds in SingHealth’s network and that enabled the attacker to execute commands from another compromised server.

[1] 'Customised, uniquely tailored' malware not seen elsewhere used in SingHealth cyberattack
[2] SingHealth COI: Hackers tried to attack network again on July 19 amid probe

Ensign InfoSecurity Singapore
30A Kallang Place
Singapore 339213

Tel: +65 6788 2882
Fax: +65 6788 3883