Singapore telco StarHub Hit by DDoS cyber attacks
Singaporean telecoms service provider StarHub Ltd said intentional cyber attacks had caused internet connection disruption for some of its home broadband customers on October 22 and October 24.
The company said it had analysed network logs of the disruptions and found that it had experienced intentional and likely malicious distributed denial-of-service (DDoS) attacks on its domain name servers (DNS).
DDoS attackers typically target sites by flooding servers with messages from multiple systems so they are unable to respond to legitimate traffic.
The attacks came from the machines of StarHub’s own customers, the company said at a news conference, the Straits Times newspaper reported on Wednesday.
“On those two occasions, subscribers’ bug-infected machines turned into zombie machines that repeatedly sent queries to StarHub’s DNS, overwhelming it,” the newspaper said.
State-owned Channel NewsAsia also quoted StarHub Chief Technology Officer Mock Pak Lum as saying affected devices such as broadband routers and webcams were responsible for the spike in web traffic.
StarHub said there was no evidence of any impact on the rest of its services, and the security of its customers’ information was not compromised.
“On both occasions, we mitigated the attacks by filtering unwanted traffic and increasing our DNS capacity, and restored service within two hours,” it said in a statement late on Tuesday.
The incidents come close on the heels of attacks on Twitter Inc, PayPal Holdings Inc, Spotify AB and other customers of Dyn, a U.S. company which acts as a switchboard for internet traffic.
StarHub said it was investigating the intent and source of the two attacks, which it called “unprecedented in scale, nature and complexity” for the company.
It told Reuters in an email on Wednesday that it does not use Dyn services.
As of June 30, StarHub’s residential broadband subscribers totalled 473,000.
Singapore authorities on Tuesday advised other telecom firms to strengthen defences to protect against similar disruptions.
Singapore Telecommunications Ltd, the city-state’s biggest telecom operator, said it did not observe any abnormal traffic trends over the weekend but will continue to monitor networks closely. Third-ranked M1 Ltd said it was aware of the cyber-attacks and was on alert.