StarHub’s home broadband customers were unable to go online on October 22 and 24 because its servers were under cyber attacks that were “unprecedented in scale, nature and complexity”.
The telecom operator said in a statement late today that its domain name servers (DNS) had been targeted on the two days, essentially locking out many of its users from the Web.
DNS are used to map Web addresses such as starhub.com to a machine-readable set of digits (known as IP or Internet protocol addresses) so users can easily surf to the website.
With StarHub, it is likely that its DNS were overwhelmed by an unusual surge of Internet traffic designed to take them offline or slow them down drastically.
Called a distributed denial of service (DDos), this is a common form of cyber attack. Hackers usually take control of thousands or even millions of compromised PCs or devices and use them to connect with a target all at once.
Last week, a DDos attack larger in scale than any before hit American servers, keeping thousands of users from finding the websites they were looking for. It is unclear if this was linked to the attack in Singapore.
The threat faced by StarHub appears to be the most serious yet for a telco here. As an attack aimed at denying users of a critical service, it also shows the high stakes involved for the government and industry defending against such threats.
StarHub said it was able to mitigate the attacks by filtering unwanted traffic and increasing its server capacity. The services were restored on both occasions within two hours, it added.
It also noted that other services were not affected and the security of its customers’ data was not compromised.
“We continue to stay vigilant against possible follow-up DDoS attempts. In addition, we are working closely with the authorities to determine intent and source of these two DDoS attacks,” said a spokesman.