Telcos put on alert after cyber attacks on StarHub

A StarHub retail outlet at Bugis Junction.
A StarHub retail outlet at Bugis Junction. PHOTO: ST FILE

The Singapore authorities have told other telcos to be on their guard in the wake of the two waves of cyber attacks that brought down Internet surfing on StarHub's broadband network last Saturday and on Monday.

"This is the first time that Singapore has experienced such an attack on its telco infrastructure," the Cyber Security Agency and the Infocomm Media Development Authority (IMDA) said in a joint statement.

Saying that telcos should have robust systems and put in place measures to detect such attacks, they said they would work with StarHub to investigate the matter and strengthen its system.

IMDA has also advised the other telcos to step up their defences in case they face similar disruptions.

Many subscribers could not surf for up to two hours after the attacks as traffic spiked on StarHub's domain name system (DNS).

 

DNS maps Web addresses to a machine-readable string of numbers to connect Internet users to websites. When the DNS is not operating optimally, users may not be able to access the websites.

StarHub's chief technology officer Mock Pak Lum said computers and devices of the telco's own customers were used in the attack.

The subscribers' bug-infected devices turned into zombie machines that repeatedly sent queries to StarHub's DNS, overwhelming it. This is known as a distributed denial-of-service (DDoS) attack.

As the traffic came from its own subscribers, they appeared legitimate. StarHub manually filtered out traffic from the hijacked machines and increased its DNS capacity to restore its services.

Mr Mock advised consumers to buy devices from reputable vendors and reset default passwords. The telco will help customers clean infected devices and automate the process of filtering Web traffic from hijacked systems.

A version of this article appeared in the print edition of The Straits Times on October 27, 2016, with the headline 'Telcos put on alert after cyber attacks on StarHub'. Print Edition | Subscribe