Broadband service outages due to DDoS attacks: StarHub

Broadband service outages due to DDoS attacks: StarHub

StarHub says the cyber attacks were "unprecedented in scale, nature and complexity".

SINGAPORE: The two recent broadband service outages that hit StarHub were the result of "intentional and likely malicious attacks" on its servers, the telco confirmed on Tuesday (Oct 25), adding that the attacks were "unprecedented in scale, nature and complexity".

In a media statement, StarHub said: "We have completed inspecting and analysing network logs from the home broadband incidents on Oct 22 and Oct 24 and we are now able to confirm that we had experienced intentional and likely malicious distributed denial-of-service (DDoS) attacks on our domain name servers (DNS).

"These two recent attacks that we experienced were unprecedented in scale, nature and complexity," it said.

Starhub said that the DDoS attacks caused temporary web connection issue for some of its home broadband customers. "On both occasions, we mitigated the attacks by filtering unwanted traffic and increasing our DNS capacity, and restored service within two hours. No impact was observed on the rest of our services, and the security of our customers’ information was not compromised."

The broadband service provider said it would continue to stay vigilant against possible follow-up DDoS attempts, and is working closely with the authorities to determine intent and source of these two DDoS attacks.

Earlier on Tuesday, the Cyber Security Agency (CSA) and the Infocomm Media Development Authority (IMDA) said that the possibility of a DDoS attack could not be ruled out, and noted that StarHub's outages came on the heels of Friday’s attack against the US-based domain name system service provider Dyn.

StarHub had earlier said it detected a "spike in data traffic" coming into its domain name servers (DNS) that temporarily affected the Web connection for some of its home broadband customers during the time of the outage.

A DNS is a database that translates Web addresses, such as www.nameofwebsite.com, into machine readable sets of digits for customers to view websites on their computers.

"When a DNS is not operating optimally, customers may face difficulty in accessing the Internet," the telco said.

After detecting the sudden increase in traffic to the servers, StarHub said it immediately started filtering the unwanted traffic and added DNS capacity to manage the "huge increase in traffic load". As a result, some customers temporarily faced intermittent broadband access, it said.

The telco added that there was no impact on its mobile broadband, enterprise and home voice services, and the security of customers’ information was not compromised.

According to StarHub, the home broadband service for affected customers was fully restored at about 11.25pm on Monday.

The company said that initial investigations pointed to similarities between the outage on Monday and the first incident last Saturday.

Source: CNA/mz/ek