DDoS attack on StarHub first of its kind on Singapore's telco infrastructure: CSA, IMDA

DDoS attack on StarHub first of its kind on Singapore's telco infrastructure: CSA, IMDA

This comes after the telco revealed in a media briefing that compromised devices led to the DDoS attacks.

SINGAPORE: The Distributed Denial of Service (DDoS) attacks on StarHub’s broadband network were the first of that nature on Singapore's telco infrastructure, the Cyber Security Agency of Singapore (CSA) and Infocomm Media Development Authority (IMDA) said on Wednesday evening (Oct 26).

This comes after the telco revealed in a media briefing on Wednesday that compromised devices such as webcams and routers owned by its customers led to the DDoS attacks.

In a joint statement, CSA and IMDA said attacks on Domain Name Services (DNS), as seen in StarHub’s case, are “generally rare”, “although the latest Dyn incident in US has shown that it is surfacing as an emerging trend”.

The agencies added that in DDoS attacks, attackers usually scan for vulnerable Internet-connected devices commonly known as "botnet" and employ a list of techniques - such as password cracking - to gain access to them.

“Any Internet-connected device, from WiFi routers to printers to CCTVs, can inadvertently be part of a network of ‘bots’ that can be activated to attack other systems,” CSA and IMDA said, adding that there is no foolproof solution as digital systems are increasingly connected.

As such, telcos must ensure they have “resilient and robust” systems, and put in place measures to quickly detect and respond to such attacks, so as to avoid disruption of services to their subscribers, CSA and IMDA added.

They reiterated that they are working “closely” with StarHub to investigate the matter, and strengthen the telco’s infrastructure and processes, and said they have advised other telcos in Singapore to step up their defences in case there are similar disruptions to their systems.

Members of the public are also advised to adopt “good cyber hygiene practices” to secure their devices. SingCERT will publish an advisory on what businesses and individuals should do to ensure their Internet-connected devices are secure, CSA and IMDA said.


Communications and Information Minister Yaacob Ibrahim called on businesses to take action to address their specific cyber security needs, even as the Government steps up efforts to help them stay safe.

Speaking at an Asia Pacific cyber security summit on Wednesday, Dr Yaacob said the Government has been consistent in pursuing cyber security development, working with multiple stakeholders, including businesses and international partners. This includes launching the national cyber security strategy earlier this month, and developing a multi-tiered cyber security response plan.

A new Cybersecurity Act is also in the pipeline.

But Dr Yaacob emphasised that the Government cannot do it alone, and urged companies to make cyber security a priority.

"Cyber security should not be seen as a cost, but as an investment to manage risk. Under-investment in cyber security does not mean 'business-as-usual'. Weak cyber defences suffering from under-investment could be breached more easily, leading to disruption of business activities and significant losses," the minister said.

Source: CNA/dl