You are here
StarHub's broadband service attack originated from devices in Singapore
SHEDDING more light on the two attacks on its broadband services last Saturday and on Monday, telco StarHub said that the attacks originated from devices located within Singapore.
Explaining what happened, StarHub's chief technology officer, Mock Pak Lum, said that the two attack patterns were similar and involved what is known as a distributed denial of service (DDoS) attack on StarHub's Domain Name Servers (DNS).
On Saturday, StarHub first noted the attacks at 10.05pm when there was a spike in attempts to log into the network from certain IP addresses and an increase in call centre calls from subscribers who couldn't get a connection. StarHub managed to tackle the problem by 12.15am. On Monday, the attacks started around the same time, at 10.25pm. However, this time StarHub, having learnt from the incident on Saturday, managed to tackle the problem by 10.52pm and restore home broadband services.
StarHub is still investigating the attack, but its preliminary findings seem to indicate that various Internet connected devices, such as video cameras, routers and DVR players used by its subscribers could be the culprits. These devices participated in the attacks without the knowledge of their owners, as they were remote controlled by hackers.
Mr Mock said that StarHub's investigators are going through the data collected and will soon visit the homes of its subscribers who have such infected devices to help them clean them. He felt that these devices could have been hijacked because users may have forgotten to change the default passwords or they were unbranded devices with infected malware.
He made an appeal to customers to buy from reputable shops and go for reputable brands. Mr Mock also requested them to upgrade their cybersecurity software and use precautions such as firewalls.