SINGAPORE (Oct 5): Malware used to penetrate Singapore Health Services’ patient database system in June was so sophisticated that it tricked even experts at a top anti-virus firm, Solicitor-General Kwek Mean Luck revealed today at a public hearing convened by the Committee of Inquiry (COI) into the SingHealth cyberattack.

According to Kwek, investigations by the Cyber Security Agency of Singapore (CSA) found that the hacker – who was described as “an advanced, sophisticated threat actor” – used a combination of customised malware and open-source tools that evaded anti-virus software and were difficult to detect.

When the malware sample was passed to a “leading anti-virus company” for analysis, the company initially indicated that the malware was benign, the Solicitor-General told the COI on Friday. The anti-virus firm was not identified.

To continue reading,

Sign in to access this Premium article.

Subscription entitlements:

Less than $9 per month
3 Simultaneous logins across all devices
Unlimited access to latest and premium articles
Bonus unlimited access to online articles and virtual newspaper on The Edge Malaysia (single login)
Related Stories

Stay updated with Singapore corporate news stories for FREE

Follow our Telegram | Facebook