Massive hack attack on Singapore’s health records likely carried out by state-linked group. But who?

A cyberattack that breached 1.5 million health records in Singapore has been attributed to sophisticated attackers who may be state-linked, a Cabinet minister said Monday.

S. Iswaran, minister for communications and information, said in Parliament that the government’s detailed analysis of last month’s cyberattack on SingHealth records found it was the work of an “advanced persistent threat” group.

Such groups comprise sophisticated cyberattackers and are typically state-linked “who conduct extended, carefully planned cyber campaigns, to steal information or disrupt operations,” said Iswaran.

The attackers used tools that were advanced and sophisticated, “including customised malware that was able to evade SingHealth’s anti-virus software and security tools,” he said.

Citing national security reasons, Iswaran said he would not reveal which state was thought to be behind the attack.