Data breach affects 850 national servicemen and MINDEF staff in Singapore

The attackers were most likely after classified military information but such information is not hosted on I-net.

Singapore's Ministry of Defence (MINDEF) announced that it detected a breach in its I-net system last month.

I-net provides internet access to national servicemen (NS) and MINDEF employees in MINDEF and Singapore Armed Forces (SAF) camps and premises.

MINDEF stated that the purpose of the attack "may have been to gain access to official secrets" but I-net is separated from MINDEF's internal systems. Classified matters in MINDEF and the Singapore Armed Forces (SAF) use a different computer system that is not connected to the internet and has more stringent security features.

After an "immediate and detailed forensic investigations" on the affected server and other computer systems within MINDEF and SAF, it was found that basic personal information of about 850 Nsmen and employees was stolen. Such information include users' national registration identification card (NRIC) number, telephone numbers and date of birth.

Affected personnel will be contacted within the week and required to change their passwords for other MINDEF systems.

As a precautionary measure, MINDEF has informed the Cyber Security Agency of Singapore (CSA) and the Government Technology Agency of Singapore (GovTech) to investigate other government systems. No breaches have been detected so far.

Commenting on the incident, Sanjay Aurora, Managing Director, Asia Pacific, Darktrace, said: "New forms of attack are inconspicuous, dwelling in networks for weeks, or even months, moving laterally to find the 'crown jewels,' before sounding any alarms. This latest breach heralds the new era of 'trust attacks,' which aim to erode faith in the integrity of our data, and the public institutions who host it."

"Although it appears that MINDEF has responded swiftly to this incident, the reality is that no human can keep up in this rapidly-evolving threat landscape. It is a cyber arms race. AI technology that self-learns what is 'normal' for a network and automatically identifies and takes action against abnormal behaviour and genuine threats will be instrumental in safeguarding critical information and infrastructure," he added.

