Saturday, July 21, 2018

How did the hacker do his work?

We have to wait for the Commission of Inquiry to investigate and report on the events surrounding the hacking of the SingHealth database.

As this may take many months, let me apply my deductive skills to guess what might have happened.

I suspect that the "sophisticated hacker" was able to hack the database and get the password of the root administrator.

This would allow the hacker to download the entire database, or just the table containing the 1.5 million patient records.

The activity of the hacker would probably be logged in the database, so the administrator would have known what was downloaded.

The hacker did not bother to change any of the records. Even if they did, there would have been a daily backup which would allow the administrator to restore the database.

The hacker probably had the skill to break through the layers of security measures to get access to the database and the password of the administrator.

If this is likely to be what had happened, perhaps a good security measure is to ensure that the administrator can only operate within certain premises. This can be controlled by the IP address. I do not see the need for the administrator to operate from remote locations.

It is possible for the hacker to gain access to the office of the administrator and to do the work on those premises. I wonder if this could be what had happened?
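The IP-address restriction suggested above, combined with the activity log mentioned earlier, can be sketched as an audit that flags administrator activity coming from outside the permitted network. This is an added example, not part of the original post; the account names, subnet, log format and log lines are all constructed assumptions.

```python
import ipaddress
import re

# Constructed values for illustration; not taken from any real environment.
ADMIN_ACCOUNTS = {"root", "dba_admin"}
ADMIN_NETWORKS = [ipaddress.ip_network("10.20.0.0/24")]  # assumed admin office subnet

# Assumed log format: "<timestamp> user=<name> src=<address> action=<verb>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) src=(?P<src>\S+) action=(?P<action>\S+)$"
)

def source_allowed(src, networks=ADMIN_NETWORKS):
    """True only if src parses as an IP address inside an allowed network."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # unparseable source: fail closed
    # Dual-stack listeners report IPv4 clients as ::ffff:a.b.c.d; unwrap first.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in networks)

def audit_admin_sessions(lines):
    """Return (ts, user, src, action) for admin activity from outside the allowlist."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or m["user"] not in ADMIN_ACCOUNTS:
            continue  # malformed line or non-administrator account
        if not source_allowed(m["src"]):
            findings.append((m["ts"], m["user"], m["src"], m["action"]))
    return findings

# Constructed sample log lines.
SAMPLE_LOG = [
    "2018-01-02T09:01:11Z user=root src=10.20.0.15 action=LOGIN",
    "2018-01-02T09:05:40Z user=root src=::ffff:10.20.0.15 action=SELECT",
    "2018-01-03T02:14:07Z user=root src=10.31.7.88 action=LOGIN",
    "2018-01-03T02:16:52Z user=root src=10.31.7.88 action=EXPORT",
    "2018-01-03T10:30:00Z user=clinic_app src=10.31.7.88 action=SELECT",
    "2018-01-03T11:00:00Z user=dba_admin src=unknown action=LOGIN",
]

if __name__ == "__main__":
    for ts, user, src, action in audit_admin_sessions(SAMPLE_LOG):
        print(f"ALERT {ts} {user} from {src}: {action}")
```

A session that originates inside the allowed subnet passes this check, so it does not cover the on-premises scenario raised in the paragraph above.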

I invite some experts to share their thoughts.

2 comments:

Anonymous said...

The hackers will be able to sleep well at night? Hopefully.

The people will be able to sleep well knowing that the next might be terrorist and not cyber attack? Hopefully.

Anonymous said...

No proper quality control in safety. Good in quality control tremendously in filling the government coffers. It's a known fact.
