Skip to main content
Home The New Paper
  • Home
  • News
    • Singapore
    • World
    • Business
    • Views
    • Backstage
    • Others
  • Sports
    • Football
    • Singapore Football
    • Team Singapore
    • School Sports
    • Athletics
    • Basketball
    • Cricket
    • Swimming
    • Tennis
    • Golf
    • Racing
    • Others
  • Entertainment
    • Movies
    • Music
    • TV
    • Star Style
    • School of Frock
  • Lifestyle
    • Makan
    • Hed Chef
    • Weets Eats
    • Health
    • Tech
    • Travel
    • Fashion
    • Shopping
    • Biker Boy
    • Celeb Chow
    • Others
  • Racing
  • Your Tip-Offs
  • Read E-Paper
  • Contests
  • Coupon
  • Team

Popular

  • COURT & CRIME
  • Food & Drink
Singapore

No reason to believe Singapore was target in FireEye hack

No reason to believe Singapore was target in FireEye hack
FireEye, one of the largest cyber-security companies in the US, said its hacking tools were stolen in what it believes is a state-sponsored attack. PHOTO: REUTERS

Even so, Cyber Security Agency of Singapore advises companies to disconnect affected tools, update systems

Hariz Baharudin
Reporter
Dec 17, 2020 06:00 am
  • Share on Facebook
  • Share on Twitter
  • Share on WhatsApp
  • E-mail this article
  • 0 Engagements

There is no reason to believe that Singapore was a target of the recent high-profile hacking attack involving cyber-security company FireEye and software provider SolarWinds Corp, the authorities said late on Tuesday.

Even so, the Cyber Security Agency of Singapore (CSA) said that it sent out an advisory on Dec 9 for companies to disconnect affected cyber-security tools and update systems to protect against cyber criminals.

FireEye, one of the largest cyber-security companies in the US, said earlier this month that it was hacked in a state-sponsored attack. Its hacking tools, which are used to test the defences of its clients, were stolen in the process.

MALICIOUS CODE

The theft stems from malicious code injected by hackers into US-based SolarWinds' software that FireEye used, the cyber-security company said this week after conducting an investigation.

The software facilitates the monitoring of computer networks of businesses and governments for outages.

The malware, in the form of a software update, reportedly allowed hackers to spy on secure information at some of the top agencies in the US.

Two refurbished patrol vessels part of new navy flotilla
Singapore

Maritime security flotilla launched

Jan 27, 2021

Related Stories

TPG Telecom targets heavy data users with $18 for 80GB plan

RSAF’s latest Aster 30 missile system on 24-hr operations since August

SingPass users can now verify account via facial scanning

The attack on FireEye, which holds a range of contracts in the US and its allies, is among the most significant breaches in recent memory. The firm, which last month reported an all-time record revenue of US$238 million (S$316 million) for the third quarter of this year, provides services for international government agencies.

The company is a strategic partner of CSA, which oversees national cyber-security functions and protects Singapore's critical services.

CSA told The Straits Times that based on its understanding, the scope of the FireEye attack was limited and did not affect Singapore.

"Based on the information from FireEye, the attack was highly targeted, with the breach limited to FireEye's US offices. There has been no evidence to suggest that Singapore was or would be a target," it said.

Hackers had gained access through SolarWinds' software called Orion, using malware that was disguised as a software update.

In a public advisory on its website on Monday, the Singapore Computer Emergency Response Team (SingCert) advised organisations to disconnect or power down SolarWinds' Orion products from their networks immediately. SingCert is a unit of CSA.

"Administrators should also review the logs for suspicious activities, check connected systems for signs of compromise and persistence mechanisms, and reset credentials if necessary, especially ones used by or stored in SolarWinds software," said CSA.

"Administrators are also advised to monitor their networks and systems for any suspicious activities."

CSA said it has been in close contact with the US Cybersecurity and Infrastructure Security Agency, as well as FireEye. They have both provided CSA with more information, which the agency said has helped it to better issue advice on what preventive measures to take.

Get The New Paper on your phone with the free TNP app. Download from the Apple App Store or Google Play Store now

Technology

Hariz Baharudin

Reporter
harizbah@sph.com.sg
Read articles by Hariz Baharudin
  • Share on Facebook
  • Share on Twitter
  • Share on WhatsApp
  • E-mail this article
  • Newslink -  Purchase this article for republication

Top Stories this Month

Let’s cancel Chinese New Year
Lifestyle

Let's cancel Chinese New Year

Jan 25, 2021
After one year of Covid in Singapore: Case 38
Singapore

A year on, recovered virus patient still can't taste or smell

Jan 22, 2021
Let’s cancel Chinese New Year
Lifestyle

Let's cancel Chinese New Year

Jan 25, 2021
Home
  • Contests
  • Coupon
  • Team
  • Home
  • News
    • Singapore
    • World
    • Business
    • Views
    • Backstage
    • Others
  • Sports
    • Football
    • Singapore Football
    • Team Singapore
    • School Sports
    • Athletics
    • Basketball
    • Cricket
    • Swimming
    • Tennis
    • Golf
    • Racing
    • Others
  • Entertainment
    • Movies
    • Music
    • TV
    • Star Style
    • School of Frock
  • Lifestyle
    • Makan
    • Hed Chef
    • Weets Eats
    • Health
    • Tech
    • Travel
    • Fashion
    • Shopping
    • Biker Boy
    • Celeb Chow
    • Others
  • Racing
  • Your Tip-Offs
  • Read E-Paper
  • Contact TNP
  • About SPH
  • Privacy Statement
  • Data Protection Policy
  • Member Terms & Conditions
  • Website Terms & Conditions
SPH Digital News Copyright © 2021 Singapore Press Holdings Ltd. Co. Regn No. 198402868E