Singapore telcoms group StarHub says hit by cyber attacks
ricky l2 minu
tes ago
Compromised home devices triggered broadband outages: StarHub
By Kevin Kwang Posted 26 Oct 2016 19:10 Updated 26 Oct 2016 19:21
ENLARGECAPTION
378 Email More
A A
SINGAPORE: Web-connected devices bought by StarHub subscribers were the cause of the "illegitimate traffic" that resulted in the distributed denial of service (DDoS) the telco suffered twice in two days, said StarHub CTO Mock Pak Lum on Wednesday (Oct 26).
In a media briefing, Mr Mock said affected devices such as broadband routers and webcams were responsible for the spike in Web traffic the telco saw last Saturday and Monday nights.
He did not however disclose how many devices or IP addresses were compromised, or what was the exact volume in the spike in Web traffic its domain name server (DNS) farms had to handle in a short space of time.
The illegitimate traffic to the DNS resulted in an overload that disrupted Web connection for "some" broadband users, Mr Mock said. "Not everyone was affected," he added, saying that some users would have gotten to their desired webpage if they had waited long enough.
As remedial action, the telco said it has increased DNS capacity by 400 per cent since Saturday, and is also implementing traffic filtering and source tracing to identify the source of Web traffic surges.
It is also looking to deploy its technical team - HubTroopers - to subscribers identified with compromised devices to help them troubleshoot. This could either be done at their homes or, with their permission, taken back to StarHub for further investigation.
That said, the CTO said his team is working to scrub through the logs to see if the traffic spike was linked to the attack on US-based Dyn DNS. He noted that there are similarities in that compromised connected home devices were used to conduct the attack, but that it was too early to draw any conclusion.
He also could not comment as to why only StarHub was attacked by the compromised devices, while other Internet service providers were not affected.
StarHub is working with the CSA in terms of sharing information from its investigations, he added.
In the meantime, Mr Mock stressed that "everyone has a role to play in cybersecurity". "The reward is now too huge" for cybercriminals, and the online threat will be "prevalent for a long time to come", the CTO said.
He suggested that consumers only get devices that are "reputable", remember to change the default passwords, and set up the necessary defences such as firewalls after buying the devices.
He also cautioned against blindly opening up Web links sent from friends via emails, for instance, as this could potentially lead to malware being downloaded into the device without the user's knowledge.
- CNA/kk
- ricky l27 seconds ago
