SINGAPORE: The web service outages of public hospitals and polyclinics on Nov 1 were caused by a Distributed Denial-of-Service (DDoS) attack, said national healthcare IT provider Synapxe on Nov 3.
In a DDoS attack, attackers flood servers with internet traffic to prevent users from accessing online services.
The DDoS attacks are continuing and users may see “occasional disruptions” in internet services as a result, Synapxe added.
“Synapxe is working with relevant parties to actively defend against the attacks, and expedite the recovery processes. Investigations by Synapxe and the Cyber Security Agency (CSA) are also ongoing,” the IT provider said.
Synapxe said its networks are protected by a defence designed to detect and respond to cyber threats, including DDoS attacks. Its systems have redundancies for resilience, including system backups, and subscribes to services that block abnormal surges in internet traffic before they enter the public healthcare network. Firewalls are in place to allow only legitimate traffic into the network.
However, an abnormal surge in network traffic – detected at 9.15am on Wednesday – bypassed the blocking service, and overwhelmed Synapxe’s firewall behind the blocks, the IT provider said. This triggered the firewall to filter out the traffic, and all the websites and internet-reliant services became inaccessible.
“Once the cause was identified, Synapxe immediately worked with service providers to deploy measures to block the abnormal traffic in order to allow legitimate traffic required for internet services to resume,” it said. “Services were restored progressively from 4.30pm.” – The Straits Times (Singapore)/Asia News Network