Cybersecurity Phishing Awareness

When it comes to spear phishing attacks, there are a number of clues that a user can look for to make sure they don’t fall victim to a hacker. These clues were overlooked, and now, the Prime Minister must take the stage to discuss the resulting security breach…as well as her own resignation.

[BLANK_AUDIO] [MUSIC] SingHealth, the largest healthcare provider in Singapore, recently suffered a massive data breach, with hackers making off with medical information for over 1.5 million people including the Prime Minister. [MUSIC] >> Good afternoon. First of all, I wanna thank all of you for being here on such short notice. The reason I call this briefing is because the rumors are true I'm stepping down as prime minister. But I want to reassure the people of this great country that we have a plan in place. Everything is going to be okay. Two days ago I was informed by our Nation's Cybersecurity Secretary that our public health care system had been hacked. How did this happen? >> It was traced to a spear phishing attack. A public health executive was targeted by hackers and unfortunately, he took the bait. There were so many close, if he had slowed down and looked at the email more closely he would have seen them. >> What clues? >> First of all, the email was spoofed, meaning the sender's name didn't match what was in the brackets, a telltale sign it's a phishing attack. Next, the email was sent at 3:27AM. But everyone knows lawyers work odd hours. But that also should have been a clue. Then there was the foreign language characters, characters that an email originating from our own legal department as this email purported to be, never would have contained. But here's the kicker, three days ago, I sent out an announcement to the entire public health system not to open PDF attachments until further notice >> Why? >> Because a cyber security company found a zero day exploit in the PDF reader. This means they found an exploit before the software company even knew about it. And they needed a few days to get it patched. The targeted executive obviously didn't read my message, which I marked is urgent and he opened a PDF attachment before the software was patched. >> And as simple as that, the hackers made off with records for over one and a half million patients, including personal information that can be used and sold for identity theft purposes. They also stole medication and prescription records including mine which can be used to infer people's private medical conditions. Because of this, I find myself in the position I'm in now, to inform all of you that two weeks ago, I was diagnosed with a terminal illness. I wanted to go public with the news immediately but decided to wait for a time that would be better for our country given the recent political unrest, but because of the breach, I'm forced to alert all of you now. My press secretary will handle any questions. But please, I urge all of you, let my experience serve as a reminder of just how diligent we must be in order to prevent something like this from happening again. Thank you. [MUSIC]