4-member COI investigating SingHealth cyberattack to submit report by Dec 31
Minister for Communications and Information S Iswaran said a Committee of Inquiry will be set up to look into the SingHealth cyberattack.
SINGAPORE — Led by a four-member team, the Committee of Inquiry (COI) set up to investigate the SingHealth cyberattack starts work on Tuesday (July 24), and has to submit its report by Dec 31.
Announcing the composition of the team and terms of reference for the investigation on Tuesday, Minister for Communications and Information S Iswaran said the COI will be conducting public and private hearings to establish the events and contributory factors leading to the cybersecurity attack, and the incident response.
The committee, chaired by former chief district judge Richard Magnus, will also recommend measures to better secure SingHealth's and other public sector IT systems against similar attacks in the future.
Mr Magnus, who is also a member of the Public Service Commission, previously chaired the three-man COI that was formed to look into the Nicoll Highway collapse at a Circle Line MRT work site on April 20, 2004, which killed four workers.
On Tuesday, Mr Iswaran, who is also Minister-in-charge of cybersecurity, appointed other three members to the committee. They are managed security services provider Quann World's executive chairman Lee Fook Sun, Sheares Healthcare Management group chief operating officer T K Udairam, and National Trade Union Congress' (NTUC) assistant secretary-general Cham Hui Fong.
Mr Lee, who was previously with the ST Engineering Group for 17 years, brings a wealth of IT experience, having also served in the Ministry of Defence and the Singapore Armed Forces in positions such as director of Joint Intelligence Directorate and director of Military Security Department.
Mr Udairam has over 40 years of healthcare experience in Singapore, while Ms Cham has served in many tripartite committees addressing issues such as wage restructuring and the employment and re-employment of mature workers.
Chairing the COI is a responsibility that he takes seriously, said Mr Magnus, adding: “I will work with the COI members to ensure that we fully deliver on this important task which has been entrusted on us.”
Last Friday, news broke that hackers had broken into SingHealth's IT systems. They stole the data of 1.5 million patients, and records of the outpatient medication given to Prime Minister Lee Hsien Loong, the authorities said without identifying any suspects.
The hackers took data such as the name, NRIC number, address, gender, race, and date of birth of patients who visited SingHealth's specialist outpatient clinics and polyclinics from May 1 2015 to July 4 this year.
The records of the medicines given to 160,000 people – the Prime Minister among them – who had received outpatient treatment at SingHealth's outlets were also stolen.
The unprecedented breach, which is believed to be a state-sponsored attack, has "threatened to erode the precious trust that has been painstakingly built up", Mr Iswaran said. And the COI is an "important step in getting to the bottom of the incident and keeping Singaporean's trust in our systems", he added.
Speaking at his ministry's annual workplan seminar at Orchard Hotel, Mr Iswaran said the Government will also continue to ensure cybersecurity and infrastructural resilience, and enhance its regulations.
Mr Iswaran said: "While we will do everything we can to strengthen our systems, we cannot completely eliminate the risk of another cybersecurity attack.
"That is the nature of this ongoing battle. The would-be attackers are constantly developing new capabilities even as we reinforce our IT systems."
Even though the Government has put a pause on its Smart Nation initiatives in light of the recent cyberattack, Mr Iswaran stressed that digital still remains the way of the future.
"We must adapt ourselves to operate effectively and securely in the digital age, to deliver better public services, enhance our economic competitiveness and create opportunities for Singaporeans."
