You are here

Some brokerages in Singapore hit by DDoS attacks last week

SOME brokerages in Singapore were hit with distributed denial-of-service (DDoS) attacks last week, which resulted in disruption to traders trying to access their brokerage's trading platforms.

It is believed to have taken place on the morning of Oct 24 with the period of disruption believed to have ranged from 30 minutes to almost the entire duration of the Singapore market's morning session, sources said.

One trader told The Business Times: "I believe up to five houses were hit." The trader, who declined to be named, said he, along with some of his colleagues were not able to access their brokerage's trading platform. And for those that were able to, connections were "patchy or intermittent".

Another recalled: "There was a short breakdown in connections. The IT department did not give us an explanation for the issue but they quickly restored services within an hour. I thought of it as a minor IT issue that can happen from time to time."

In responding to queries on the attack, a Monetary Authority of Singapore (MAS) spokesperson said: “MAS has been informed that a small number of stock brokers had encountered distributed denial of service (DDoS) attacks on their online systems last week. There was limited disruption to the services of these stock brokers as they had activated their DDoS mitigation services."

MAS also issued an advisory "to alert financial institutions of a heightened risk of DDoS activities and advised financial institutions to be on alert to monitor their IT environment for suspicious network activities".

DDoS is a cyber attack where malicious players attempt to disrupt a server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. The result of which is the temporary or indefinite disruption of services of a host connected to the Internet.

With cyber attacks increasingly globally, MAS has also taken steps with financial institutions operating in Singapore to ensure the resilience of the financial sector to cyber threats.

In August 2019, the financial regulatory authority issued a set of legally binding requirements that sets out key measures that financial institutions must take to mitigate cyber threats.

"Consumers also need to do their part, by staying vigilant of cyber threats. To safeguard their devices from being used as bots to launch DDoS attacks, consumers should adopt good cyber hygiene practices such as installing anti-malware software and updating security patches regularly,” an MAS spokesman said.