The Web service outages of public hospitals and polyclinics on Wednesday were caused by a distributed denial-of-service (DDoS) attack, said national healthcare IT provider Synapxe on Friday (Nov 3).

In a DDoS attack, attackers flood servers with Internet traffic to prevent users from accessing online services.

The attacks are continuing, and users may see “occasional disruptions” to Internet services as a result, Synapxe said.

“Synapxe is working with relevant parties to actively defend against the attacks, and expedite the recovery processes. Investigations by Synapxe and the Cyber Security Agency are also ongoing,” the IT provider said.

The Straits Times understands that no ransom demands were made in relation to the Wednesday attack.

Synapxe said it has a “layered defence” designed to detect and respond to cyber threats, including DDoS attacks. This includes system backups, services that block abnormal surges in Internet traffic before they enter the public healthcare network and firewalls.

GET BT IN YOUR INBOX DAILY

Start and end each day with the latest news stories and analyses delivered straight to your inbox.

Sign UpVIEW ALL

However, an abnormal surge in network traffic – detected at 9.15 am on Wednesday – bypassed the blocking service and overwhelmed Synapxe’s firewall behind the blocks, the IT provider said. This triggered the firewall to filter out the traffic, and all the websites and Internet-reliant services became inaccessible.

Once the cause was identified, Synapxe said it immediately worked with its service providers to combat the attack, and Web services were restored progressively from 4.30pm.

The attack did not compromise healthcare data, internal networks or patient care, it added.

Between 9.20 am and 4.30 pm on Wednesday, public healthcare institutions – such as public hospitals, polyclinics and the Institute of Mental Health – experienced a total outage of all services requiring Internet connectivity, losing access to websites, e-mails and internal productivity tools for staff.

Major hospitals such as Singapore General Hospital, National University Hospital, Khoo Teck Puat Hospital and Changi General Hospital were among the affected institutions.

Throughout the disruption, patient records remained accessible and clinical services were unaffected, said some of the affected hospitals in Facebook posts that day.

It added: “The incident is a stark reminder that DDoS attacks are on the rise, with changing attack methods.

“DDoS attacks cannot be prevented, and the defences against DDoS attacks will have to constantly evolve to keep up with advancements.” THE STRAITS TIMES