DDoS attacks caused StarHub broadband outages

27 Oct 2016
00:00

Singapore's StarHub has blamed DDoS attacks originating from its customers' own infected devices for two broadband outages over the past few days.

At a press conference yesterday, StarHub announced the latest findings of an investigation into the outages on October 22 and 24, the Straits Timesreported.

Both outages lasted for around two hours, leaving many home broadband customers unable to surf the web due to a spike in DNS traffic originating from infected machines.

Because the traffic originated from StarHub's own subscribers, it appeared legitimate. But when the attack was detected, StarHub manually filtered out the traffic from the infected devices to restore services for its other customers.

StarHub announced it plans to send technicians to help customers clean up any infected devices at their homes.

Singapore’s Cyber Security Agency and the Infocomm Media Development Authority have urged operators to strengthen their defense against DDoS attacks, and noted that this marks the first time Singapore has experienced such and attack on its network infrastructure.

Darktrace managing director for APAC Sanjay Aurora said operators and ISPs are likely to find themselves increasing targets of attack.

“The core infrastructure of telecommunications companies is a very desirable target for cybercriminals [but] gaining access is extremely difficult and requires deep expertise in specialist architecture,” he said.

“What ISPs should be wary of, is the possibility of similar DNS amplification attacks on a more regular basis, given that they require relatively little skill and effort but can cause a large amount of damage. This makes them increasingly popular among hackers.”

He said DNS-based DDoS attacks can impact networks by saturating bandwidth with malicious traffic, while also increasing volumes of support calls and negatively impacting the customer experience and ultimately revenue.

Aurora added that there is a possibility that the DDoS attack was caused by Mirai, the IoT botnet responsible for the recent DDoS attack against US-based DNS service provider Dyn. This attack used infected IoT devices.

Related content

Follow Telecom Asia Sport!
Comments
No Comments Yet! Be the first to share what you think!
This website uses cookies
This provides customers with a personalized experience and increases the efficiency of visiting the site, allowing us to provide the most efficient service. By using the website and accepting the terms of the policy, you consent to the use of cookies in accordance with the terms of this policy.