Skip to main content

Privacy & Security

By Dean Koh | 10:55 pm | March 06, 2019
According to a blogpost by Symantec, the cybersecurity company’s researchers has identified Whitefly as the hacker group behind what is known as Singapore’s worst case of cyber breach, with more than 1.5 patient million records being stolen over a period of June-July 2018. The post said that Whitefly has been operating since at least 2017 and has targeted organisations primarily based in Singapore across a wide variety of sectors with the intention of stealing large amounts of sensitive information. To date, Whitefly has attacked organisations in the healthcare, media, telecommunications, and engineering sectors. The hacker group compromises its victims using custom malware alongside open-source hacking tools and living off the land tactics, such as malicious PowerShell scripts. As described in the findings of the SingHealth COI report published earlier in January this year, “the attacker was a skilled and sophisticated actor bearing the characteristics of an Advanced Persistent Threat group” and this corroborates with what the blogpost wrote: “Whitefly usually attempts to remain within a targeted organisation for long periods of time—often months—in order to steal large volumes of information. It keeps the compromise alive by deploying a number of tools that facilitate communication between the attackers and infected computers.” In addition, it appears that the SingHealth breach was not a one-off attack and was instead part of a wider pattern of attacks against organisations in the region. There were also more technical details on the malware and methods used by Whitefly revealed in the blogpost- these include Trojan.Vcrodat, Hacktool.Mikikatz and Trojan.Nibatad. The Singapore government said in January that it was able to identify the hackers behind the SingHealth incident but had declined to reveal the identity of the perpetrators in the interest of “national security”.
By HIMSS TV | 06:54 pm | March 06, 2019
At the Health 2.0 Annual Fall Conference, documentary filmmaker Robyn Symon discusses physician burnout and suicide and the need for systemic solutions.
By Tom Sullivan | 05:19 pm | March 06, 2019
Diversity is not just about gender and race. Ideas matter, too.
By Mike Miliard | 03:45 pm | March 06, 2019
A new poll of CHIME members by LexisNexis Risk Solutions finds that technology execs' priorities vary widely depending on the maturity of their IT infrastructure.
By Tom Sullivan | 11:02 am | March 06, 2019
The company says the acquisition will enable NTT to broaden its security offerings for digital transformation.
By Tom Sullivan | 10:49 am | March 06, 2019
Infosec is quickly becoming where the two have an opportunity to finally join forces or risk leaving vulnerabilities wide open.
By Tom Sullivan | 05:21 pm | March 05, 2019
Top Federal Bureau of Investigation official calls for greater public-private partnership to fight back increasingly sophisticated adversaries and attacks.
By HIMSS TV | 02:45 pm | March 05, 2019
Providers are finally deploying and scaling cloud computing, according Vik Nagjee of Sirius Computer Solutions and the Cleveland Clinic.
By Bill Siwicki | 01:52 pm | March 01, 2019
The endpoint safeguard tech is finding multiple unusual issues, such as a suspicious executable from China in a common Windows app used by physicians.