SingPass Cyber Breach on June 2, 2014
On June 2, 2014, it was reported that the system of the SingPass could have been breached. SingPass is a single factor authentication system which allows users to log into different government e-services through the internet. The SingPass cyber breach was suspected when the Singpass operator informed the Infocomm Development Authority of Singapore (IDA) that many users had received a password reset notification even if none of them had requested a password change.
According to the initial researches conducted after that, it was found that the accounts of at least 1560 users had been accessed without authorization, out of which 419 passwords were reset. Anyway, the authorities acted right away and for those who passwords were stolen, were sent a password restoration message through email.
Purpose of Hacker
The sole purpose of this hack was to steal the personal information of the users, this is clear, but we can’t say for sure what the hackers had planned thereafter. It is clear that even though cyber breaches are frequent occurrences these days, an incident like the SingPass cyberattack could be creating a lot of problems if the situation was not handled carefully. In 2014, SingPass had more than 3.3 million active users, and there were at least 340 e-services in the system, provided by about 64 government agencies. The e-services include some of the most essential services that the government provides, and the SingPass Ids are NRIC numbers. For such a system being breached, we can only imagine what it could turn out to be if it reached its full potential.
Network Security System
Everything has a good side to it, so we could at least learn from the SingPass cyberattack. The hacking system is based on computers, which means it is a part of technology. We know that this thing called technology changes every day, and what’s new today can be plain old tomorrow. And what’s for us to know that it is the same for any network security system. Even if it doesn’t sound so assuring, the perpetrators always find new ways to get into a website. This can’t be stopped, of course, but what we can do is develop healthy internet behaviors. Until we are concerned about our network security by ourselves, the hackers are always going to find a way to steal our credentials. This case was the same in the SingPass cyberattack. Those who had weaker passwords were the ones whose account were stolen. So, we must be sure that we value our network security, just as we expect the government to do.
But, this doesn’t only mean that you have a long password, and then you are off. Get into a website only if you are assured that it is safe. Self-monitor you emails frequently to make sure nothing fishy is going on, and if you find something not right, take measures immediately. Of course, no spam emails and never share your information with anyone unknown on the internet. All in all, whats for us to remember is that a cyberattack such as this could take place anytime, all we have to make sure is that we won’t be affected by the next one.