StarHub rapped - broadband disruptions a capacity issue

Findings show that StarHub did not have sufficient system capacity to cope with an Internet traffic surge.
Findings show that StarHub did not have sufficient system capacity to cope with an Internet traffic surge.PHOTO: ST FILE

StarHub received a warning from the authorities yesterday for two disruptions to its home broadband network in October last year, which investigation findings now show were not due to direct cyber attacks as the telco had suspected.

Findings released yesterday by the Infocomm Media Development Authority (IMDA) and the Cyber Security Agency of Singapore (CSA) show that StarHub did not have sufficient system capacity to cope with an Internet traffic surge.

The telco has since increased its capacity, said IMDA and CSA.

IMDA also directed StarHub to do an independent review of its infrastructure, saying it "will not hesitate to take sterner action should a similar incident happen in future".

IMDA's Telecom Service Resiliency Code spells out the minimum requirements for service availability. Breaching these requirements - such as a loss of 70 per cent or more of a telco's Internet bandwidth - may result in a fine ranging from $15,000 to $270,000 for every 30 minutes of outage.

Subscribers could not surf the Internet intermittently for up to two hours each time on Oct 22 and Oct 24 as traffic spiked on StarHub's DNS, which maps Web addresses to a machine-readable string of numbers to connect Internet users to websites. When the DNS is not operating optimally, users may not be able to access the websites.

The two disruptions came on the heels of a cyber attack the week before on United States-based DNS service provider Dyn. A piece of malware called Mirai reportedly infected traffic cameras, which were used to take down Dyn's DNS.

This is why IMDA and CSA did not rule out the possibility of a cyber attack.

StarHub had also made a police report based on suspicion that it had suffered two cyber attacks.

However, the traffic surge on StarHub's network was indirectly linked to Dyn, said IMDA and CSA.

StarHub systems were inundated with traffic when its subscribers accessed affected US content providers such as Amazon and Expedia after the content providers' third-party analytics vendor switched to another DNS service that is more resource-hungry.

The switch clogged StarHub's network, resulting in surfing slowdowns. This could have prompted broadband users here to repeatedly refresh their Web browsers, which added to the jam.

Mr Chong Siew Loong, StarHub's chief technology officer, said: "We assure our customers and the regulator that we will continuously review our security posture and enhance network resilience in partnership with network and security providers."

A version of this article appeared in the print edition of The Straits Times on April 22, 2017, with the headline 'StarHub rapped - broadband disruptions a capacity issue'. Print Edition | Subscribe