Update Regarding DDoS Event Against Dyn Managed DNS on October 21, 2016
Incident Report for Dyn, Inc.
Update
The Dyn Analysis Summary of Friday, October 21st DDoS can be found here: http://dyn.com/blog/dyn-analysis-summary-of-friday-october-21-attack/
Posted about 20 hours ago. Oct 26, 2016 - 16:43 UTC
Monitoring
Customers seeking additional information pertinent to the incident may reference the following, extended statement: http://hub.dyn.com/dyn-blog/dyn-statement-on-10-21-2016-ddos-attack
Posted 5 days ago. Oct 22, 2016 - 21:30 UTC
Identified
This Preliminary Findings Report is to provide additional detail in connection with an incident that began on October 21, 2016 at approximately 11:10 UTC and lasted until approximately 17:45 UTC
Dyn is dedicated to delivering the highest quality of service, and as such, we take any customer impacting events very seriously. Below you will find a preliminary analysis of the event. A more in-depth analysis will be distributed in the form of a Root Cause Analysis report at a later date.
Service Affected: Managed DNS
Event cause:
On Friday October 21, 2016 at approximately 11:10 UTC, Dyn came under attack by a large Distributed Denial of Service (DDoS) attack against our Managed DNS infrastructure in the US-East region. Customers affected may have seen regional resolution failures in US-East and intermittent spikes in latency globally. Dyn’s engineers were able to successfully mitigate the attack at approximately 13:20 UTC, and shortly after, the attack subsided. See original status post here: https://www.dynstatus.com/incidents/nlr4yrr162t8.
At roughly 15:50 UTC a second DDoS attack began against the Managed DNS platform. This attack was distributed in a more global fashion. Affected customers may have seen intermittent resolution issues as well as increased global latency. At approximately 17:00 UTC, our engineers were again able to mitigate the attack and service was restored.
At Dyn, we take every incident seriously and work hard to ensure we deliver the service our customers have come to expect. We will continue to evaluate every situation with the goal of improving our systems and processes to deliver the utmost customer experience. Thank you for your continued support.
Oct 21, 2016 - 22:11 UTC
This incident affects: Dyn Managed DNS (Anycast Network).
- wong chee tat :)
Thursday, October 27, 2016
OCBC posts 5% jump in Q3 profit, beating expectations
OCBC posts 5% jump in Q3 profit, beating expectations
Posted 27 Oct 2016 09:15 Updated 27 Oct 2016 09:20
SINGAPORE: The Oversea-Chinese Banking Corp (OCBC) beat estimates with a 5 per cent rise in quarterly profit in the third quarter of the year, helped by gains from its insurance and wealth management units, according to its financial results released on Thursday (Oct 27).
However, the bank warned of a challenging operating environment. The city-state's lenders must contend with growing risks to earnings as credit woes deepen for the offshore services sector, which has been hit hard by a drop-off in orders due to a near-two year rout in oil prices until early this year.
Net profit for Singapore's second-biggest bank came in at S$943 million in the third quarter as its insurance and wealth management business powered a 25 per cent climb in non-interest income.
The result handily beat expectations for a decline in profit with the average estimate at S$834 million from five analysts polled by Reuters.
But provisions for bad debt jumped almost 11 per cent to S$166 million, while net interest income dropped 6 per cent due to lower loan volumes and a weaker net interest margin.
"We continue to keep a firm grip on cost, maintain strong liquidity and capital, and ensure prudent levels of provisioning," OCBC Chief Executive Samuel Tsien said in a statement.
Offshore firms that have said they are struggling with debt payments include oilfield services company Swiber Holdings, which was placed under judicial management this month.
Signs of weakness in a trade-dependent economy and the domestic property market are also further squeezing loan demand.
- Reuters/mz
- wong chee tat :)
Posted 27 Oct 2016 09:15 Updated 27 Oct 2016 09:20
SINGAPORE: The Oversea-Chinese Banking Corp (OCBC) beat estimates with a 5 per cent rise in quarterly profit in the third quarter of the year, helped by gains from its insurance and wealth management units, according to its financial results released on Thursday (Oct 27).
However, the bank warned of a challenging operating environment. The city-state's lenders must contend with growing risks to earnings as credit woes deepen for the offshore services sector, which has been hit hard by a drop-off in orders due to a near-two year rout in oil prices until early this year.
Net profit for Singapore's second-biggest bank came in at S$943 million in the third quarter as its insurance and wealth management business powered a 25 per cent climb in non-interest income.
The result handily beat expectations for a decline in profit with the average estimate at S$834 million from five analysts polled by Reuters.
But provisions for bad debt jumped almost 11 per cent to S$166 million, while net interest income dropped 6 per cent due to lower loan volumes and a weaker net interest margin.
"We continue to keep a firm grip on cost, maintain strong liquidity and capital, and ensure prudent levels of provisioning," OCBC Chief Executive Samuel Tsien said in a statement.
Offshore firms that have said they are struggling with debt payments include oilfield services company Swiber Holdings, which was placed under judicial management this month.
Signs of weakness in a trade-dependent economy and the domestic property market are also further squeezing loan demand.
- Reuters/mz
- wong chee tat :)
‘No indication’ devices from Singapore contributed to US cyberattack: CSA
‘No indication’ devices from Singapore contributed to US cyberattack: CSA
By Kevin Kwang Posted 27 Oct 2016 13:39 Updated 27 Oct 2016 13:40
SINGAPORE: There is no indication that devices from Singapore contributed to the attack against US-based domain name service provider Dyn, which resulted in Web services like Twitter, Spotify and Reddit experiencing downtime, the Cyber Security Agency of Singapore (CSA) said on Wednesday (Oct 26).
In its reply to queries by Channel NewsAsia, a CSA spokesperson said there is a wide range of Internet-connected devices manufactured from various countries on the market, and that any of these devices could be commandeered by hackers anywhere in the world. These cybercriminals can, in turn, direct the zombie devices to take down a targeted site by flooding it with Web traffic.
Dyn on Wednesday shed more light on the Oct 21 attack on its managed DNS infrastructure, with the company’s EVP of Product Scott Hilton stating in a blogpost that the attack was “complex and sophisticated”, and confirming that the Mirai botnet was the primary source of malicious attack traffic.
Mirai is a malware that targets insecure Internet of Things (IoT) devices such as webcams and home routers, and the source code for the malware was released on the open Web earlier in October before the Dyn attack took place.
Chinese manufacturer Hangzhou Xiongmai was fingered as the maker of compromised webcams used in the Dyn attack, and said it would recall as many as 10,000 infected devices as a result. Mr Li Yuexin, Xiongmai’s marketing director, told Reuters on Tuesday that the company would recall the first few batches of surveillance cameras made in 2014 that monitor rooms or shops for personal use.
Threat research company Flashpoint had actually flagged the company as early as Oct 7, after similar large-scale DDoS attacks were conducted on security research Brian Kreb’s blog and French Web hosting company OVH. Flashpoint researchers said then that Xiongmai sells white-labelled DVRs, IP cameras and software to other vendors who then use these in their own products.
“Altogether, over 500,000 devices on public IPs around the world appear susceptible to this vulnerability,” according to the security note.
Local telco StarHub had on Wednesday also identified such compromised devices as the cause for DDoS attacks that resulted in two broadband outages it suffered on Oct 22 and Oct 24. It stopped short of linking its downtime with that of the attack on Dyn.
The attack on StarHub was the first of that nature on Singapore’s infrastructure, according to the CSA and Infocomm Media Development Authority.
- CNA/cy
- wong chee tat :)
By Kevin Kwang Posted 27 Oct 2016 13:39 Updated 27 Oct 2016 13:40
SINGAPORE: There is no indication that devices from Singapore contributed to the attack against US-based domain name service provider Dyn, which resulted in Web services like Twitter, Spotify and Reddit experiencing downtime, the Cyber Security Agency of Singapore (CSA) said on Wednesday (Oct 26).
In its reply to queries by Channel NewsAsia, a CSA spokesperson said there is a wide range of Internet-connected devices manufactured from various countries on the market, and that any of these devices could be commandeered by hackers anywhere in the world. These cybercriminals can, in turn, direct the zombie devices to take down a targeted site by flooding it with Web traffic.
Dyn on Wednesday shed more light on the Oct 21 attack on its managed DNS infrastructure, with the company’s EVP of Product Scott Hilton stating in a blogpost that the attack was “complex and sophisticated”, and confirming that the Mirai botnet was the primary source of malicious attack traffic.
Mirai is a malware that targets insecure Internet of Things (IoT) devices such as webcams and home routers, and the source code for the malware was released on the open Web earlier in October before the Dyn attack took place.
Chinese manufacturer Hangzhou Xiongmai was fingered as the maker of compromised webcams used in the Dyn attack, and said it would recall as many as 10,000 infected devices as a result. Mr Li Yuexin, Xiongmai’s marketing director, told Reuters on Tuesday that the company would recall the first few batches of surveillance cameras made in 2014 that monitor rooms or shops for personal use.
Threat research company Flashpoint had actually flagged the company as early as Oct 7, after similar large-scale DDoS attacks were conducted on security research Brian Kreb’s blog and French Web hosting company OVH. Flashpoint researchers said then that Xiongmai sells white-labelled DVRs, IP cameras and software to other vendors who then use these in their own products.
“Altogether, over 500,000 devices on public IPs around the world appear susceptible to this vulnerability,” according to the security note.
Local telco StarHub had on Wednesday also identified such compromised devices as the cause for DDoS attacks that resulted in two broadband outages it suffered on Oct 22 and Oct 24. It stopped short of linking its downtime with that of the attack on Dyn.
The attack on StarHub was the first of that nature on Singapore’s infrastructure, according to the CSA and Infocomm Media Development Authority.
- CNA/cy
- wong chee tat :)
Australia e-census attack 'incorrectly' attributed to Singapore-based router: CSA
Australia e-census attack 'incorrectly' attributed to Singapore-based router: CSA
Posted 25 Oct 2016 19:54 Updated 25 Oct 2016 20:00
SINGAPORE: The Cyber Security Agency of Singapore (CSA) on Tuesday (Oct 25) refuted reports that cyber attacks which shut down a national census in Australia were launched through a router based in Singapore.
In a statement, the CSA said that it was "surprised at media reports on IBM Australia’s assertions that the majority of international traffic which caused the crash of the Australian Bureau of Statistics (ABS) Census website originated from Singapore."
International Business Machines Corp (IBM) was the lead contractor for the five-yearly Aug 9 household survey by the ABS, which went offline that day after four distributed denial of service (DDoS) attacks, caused by the website being flooded with clicks.
At a Senate inquiry into the matter, IBM Australia and New Zealand managing director Kerry Purcell said that the attacks were launched through a router in Singapore. He blamed Australian ISP Vocus Communications, a subcontractor of Nextgen Networks, for failing to shut it down.
Singapore's CSA questioned IBM's assertion in its statement. "For matters of such nature, it is usual practice for national Computer Emergency Readiness Teams (CERTs) to make inquiries and seek assistance from one another," the agency said.
"In this instance, our SingCERT was not informed of any such attack by CERT Australia. We were also not approached at any point. As such, it is strange that IBM Australia reached such a conclusion."
The agency added that it has contacted CERT Australia for more information, and that it was ready to assist the Australian authorities where required. "According to CERT Australia, some internal ABS infrastructure was hosted in Singapore. There may have been possible misunderstanding in the news reporting of this issue, which incorrectly attributed the DDoS attack source to Singapore."
IBM said on Tuesday that it plans to compensate the Australian government for the "malicious" cyber-attacks.
The breach embarrassed a government which has sought to impress voters with its cybersecurity credentials and plans to trial online elections. The census is already controversial because of privacy concerns.
In a written submission to the inquiry, IBM said its preferred anti-DDoS measure, which it calls "Island Australia", involves "geoblocking", or getting the company's ISPs to shut down offshore traffic coming into the country.
In a written submission to the inquiry, Nextgen said IBM told it about "Island Australia" six days before the census website went live in July, and that IBM declared a test of the strategy four days before the census a success.
It said Nextgen followed IBM's instructions, but noted that IBM rejected Nextgen's offer of additional anti-DDoS detection measures.
Vocus said in a submission that it told Nextgen the week before the census that it "did not provide geoblocking" and that "Vocus was in fact requested to disable its DDoS protection product covering the e-Census IP space".
It did not specify who gave that instruction.
ABS chief statistician David Kalisch said he was confident IBM could deliver on its A$10 million ($7.63 million) contract based on "the comments and exhortations that IBM had made to the ABS about the importance of this work" beforehand.
- CNA/Reuters/nc
- wong chee tat :)
Posted 25 Oct 2016 19:54 Updated 25 Oct 2016 20:00
SINGAPORE: The Cyber Security Agency of Singapore (CSA) on Tuesday (Oct 25) refuted reports that cyber attacks which shut down a national census in Australia were launched through a router based in Singapore.
In a statement, the CSA said that it was "surprised at media reports on IBM Australia’s assertions that the majority of international traffic which caused the crash of the Australian Bureau of Statistics (ABS) Census website originated from Singapore."
International Business Machines Corp (IBM) was the lead contractor for the five-yearly Aug 9 household survey by the ABS, which went offline that day after four distributed denial of service (DDoS) attacks, caused by the website being flooded with clicks.
At a Senate inquiry into the matter, IBM Australia and New Zealand managing director Kerry Purcell said that the attacks were launched through a router in Singapore. He blamed Australian ISP Vocus Communications, a subcontractor of Nextgen Networks, for failing to shut it down.
Singapore's CSA questioned IBM's assertion in its statement. "For matters of such nature, it is usual practice for national Computer Emergency Readiness Teams (CERTs) to make inquiries and seek assistance from one another," the agency said.
"In this instance, our SingCERT was not informed of any such attack by CERT Australia. We were also not approached at any point. As such, it is strange that IBM Australia reached such a conclusion."
The agency added that it has contacted CERT Australia for more information, and that it was ready to assist the Australian authorities where required. "According to CERT Australia, some internal ABS infrastructure was hosted in Singapore. There may have been possible misunderstanding in the news reporting of this issue, which incorrectly attributed the DDoS attack source to Singapore."
IBM said on Tuesday that it plans to compensate the Australian government for the "malicious" cyber-attacks.
The breach embarrassed a government which has sought to impress voters with its cybersecurity credentials and plans to trial online elections. The census is already controversial because of privacy concerns.
In a written submission to the inquiry, IBM said its preferred anti-DDoS measure, which it calls "Island Australia", involves "geoblocking", or getting the company's ISPs to shut down offshore traffic coming into the country.
In a written submission to the inquiry, Nextgen said IBM told it about "Island Australia" six days before the census website went live in July, and that IBM declared a test of the strategy four days before the census a success.
It said Nextgen followed IBM's instructions, but noted that IBM rejected Nextgen's offer of additional anti-DDoS detection measures.
Vocus said in a submission that it told Nextgen the week before the census that it "did not provide geoblocking" and that "Vocus was in fact requested to disable its DDoS protection product covering the e-Census IP space".
It did not specify who gave that instruction.
ABS chief statistician David Kalisch said he was confident IBM could deliver on its A$10 million ($7.63 million) contract based on "the comments and exhortations that IBM had made to the ABS about the importance of this work" beforehand.
- CNA/Reuters/nc
- wong chee tat :)
Broadband service outages due to DDoS attacks: StarHub
Broadband service outages due to DDoS attacks: StarHub
Posted 25 Oct 2016 15:36 Updated 25 Oct 2016 23:07
SINGAPORE: The two recent broadband service outages that hit StarHub were the result of "intentional and likely malicious attacks" on its servers, the telco confirmed on Tuesday (Oct 25), adding that the attacks were "unprecedented in scale, nature and complexity".
In a media statement, StarHub said: "We have completed inspecting and analysing network logs from the home broadband incidents on Oct 22 and Oct 24 and we are now able to confirm that we had experienced intentional and likely malicious distributed denial-of-service (DDoS) attacks on our domain name servers (DNS).
"These two recent attacks that we experienced were unprecedented in scale, nature and complexity," it said.
Starhub said that the DDoS attacks caused temporary web connection issue for some of its home broadband customers. "On both occasions, we mitigated the attacks by filtering unwanted traffic and increasing our DNS capacity, and restored service within two hours. No impact was observed on the rest of our services, and the security of our customers’ information was not compromised."
The broadband service provider said it would continue to stay vigilant against possible follow-up DDoS attempts, and is working closely with the authorities to determine intent and source of these two DDoS attacks.
Earlier on Tuesday, the Cyber Security Agency (CSA) and the Infocomm Media Development Authority (IMDA) said that the possibility of a DDoS attack could not be ruled out, and noted that StarHub's outages came on the heels of Friday’s attack against the US-based domain name system service provider Dyn.
StarHub had earlier said it detected a "spike in data traffic" coming into its domain name servers (DNS) that temporarily affected the Web connection for some of its home broadband customers during the time of the outage.
A DNS is a database that translates Web addresses, such as www.nameofwebsite.com, into machine readable sets of digits for customers to view websites on their computers.
"When a DNS is not operating optimally, customers may face difficulty in accessing the Internet," the telco said.
After detecting the sudden increase in traffic to the servers, StarHub said it immediately started filtering the unwanted traffic and added DNS capacity to manage the "huge increase in traffic load". As a result, some customers temporarily faced intermittent broadband access, it said.
The telco added that there was no impact on its mobile broadband, enterprise and home voice services, and the security of customers’ information was not compromised.
According to StarHub, the home broadband service for affected customers was fully restored at about 11.25pm on Monday.
The company said that initial investigations pointed to similarities between the outage on Monday and the first incident last Saturday.
- CNA/mz/ek
- wong chee tat :)
Posted 25 Oct 2016 15:36 Updated 25 Oct 2016 23:07
SINGAPORE: The two recent broadband service outages that hit StarHub were the result of "intentional and likely malicious attacks" on its servers, the telco confirmed on Tuesday (Oct 25), adding that the attacks were "unprecedented in scale, nature and complexity".
In a media statement, StarHub said: "We have completed inspecting and analysing network logs from the home broadband incidents on Oct 22 and Oct 24 and we are now able to confirm that we had experienced intentional and likely malicious distributed denial-of-service (DDoS) attacks on our domain name servers (DNS).
"These two recent attacks that we experienced were unprecedented in scale, nature and complexity," it said.
Starhub said that the DDoS attacks caused temporary web connection issue for some of its home broadband customers. "On both occasions, we mitigated the attacks by filtering unwanted traffic and increasing our DNS capacity, and restored service within two hours. No impact was observed on the rest of our services, and the security of our customers’ information was not compromised."
The broadband service provider said it would continue to stay vigilant against possible follow-up DDoS attempts, and is working closely with the authorities to determine intent and source of these two DDoS attacks.
Earlier on Tuesday, the Cyber Security Agency (CSA) and the Infocomm Media Development Authority (IMDA) said that the possibility of a DDoS attack could not be ruled out, and noted that StarHub's outages came on the heels of Friday’s attack against the US-based domain name system service provider Dyn.
StarHub had earlier said it detected a "spike in data traffic" coming into its domain name servers (DNS) that temporarily affected the Web connection for some of its home broadband customers during the time of the outage.
A DNS is a database that translates Web addresses, such as www.nameofwebsite.com, into machine readable sets of digits for customers to view websites on their computers.
"When a DNS is not operating optimally, customers may face difficulty in accessing the Internet," the telco said.
After detecting the sudden increase in traffic to the servers, StarHub said it immediately started filtering the unwanted traffic and added DNS capacity to manage the "huge increase in traffic load". As a result, some customers temporarily faced intermittent broadband access, it said.
The telco added that there was no impact on its mobile broadband, enterprise and home voice services, and the security of customers’ information was not compromised.
According to StarHub, the home broadband service for affected customers was fully restored at about 11.25pm on Monday.
The company said that initial investigations pointed to similarities between the outage on Monday and the first incident last Saturday.
- CNA/mz/ek
- wong chee tat :)
Possibility of DDoS attack on StarHub broadband service cannot be ruled out: IMDA
Possibility of DDoS attack on StarHub broadband service cannot be ruled out: IMDA
Posted 25 Oct 2016 18:09 Updated 25 Oct 2016 22:21
SINGAPORE: Authorities are not ruling out the possibility of a Distributed Denial of Service (DDoS) attack in the two outages that telco StarHub's broadband service saw in the space of two days.
In a joint statement to the media on Tuesday (Oct 25), the Cyber Security Agency (CSA) and the Infocomm Media Development Authority (IMDA) said: "We have been paying close attention to developments as it happened on the heels of Friday’s attack against the US-based domain name system service provider, Dyn. We cannot rule out the possibility that this was a DDoS attack."
Earlier on Tuesday, StarHub said Monday's outage came after it detected a "spike in data traffic" coming into its domain name servers. The telco said it is currently investigating the root cause, including whether the spike in traffic was malicious in intent.
"What is important now is for StarHub to determine the root cause of the problem and prevent a recurrence," said IMDA and CSA in their joint statement.
"IMDA is working closely with StarHub to investigate the matter and strengthen its infrastructure and processes.
OTHER TELCOS ADVISED TO STEP UP DEFENCES
In the statement, IMDA said it also advised the other telcos to step up their defences in case there are similar disruptions to their systems.
Responding to queries from Channel NewsAsia's, Singtel said it has measures in place to safeguard its network.
“We did not observe any abnormal traffic trends over the past weekend, but will continue to monitor our networks closely. We have a robust monitoring system and resilient protection mechanisms in place to safeguard our networks,” a spokesperson told Channel NewsAsia.
M1 said it is "aware of the recent cyber-attacks and is on alert".
"We have made significant investments to defend our systems against cyber-attacks, including DDoS attacks," said Mr Chua Hian Hou, assistant general manager of corporate communications at M1.
In the joint statement, CSA added that it is "studying and addressing the risks of DDoS attacks on our communications systems, as well as the measures to mitigate the impact of such attacks if they happen."
CSA added that it would also reach out to educate the public and businesses on the need to properly secure their systems.
- CNA/dt
- wong chee tat :)
Posted 25 Oct 2016 18:09 Updated 25 Oct 2016 22:21
SINGAPORE: Authorities are not ruling out the possibility of a Distributed Denial of Service (DDoS) attack in the two outages that telco StarHub's broadband service saw in the space of two days.
In a joint statement to the media on Tuesday (Oct 25), the Cyber Security Agency (CSA) and the Infocomm Media Development Authority (IMDA) said: "We have been paying close attention to developments as it happened on the heels of Friday’s attack against the US-based domain name system service provider, Dyn. We cannot rule out the possibility that this was a DDoS attack."
Earlier on Tuesday, StarHub said Monday's outage came after it detected a "spike in data traffic" coming into its domain name servers. The telco said it is currently investigating the root cause, including whether the spike in traffic was malicious in intent.
"What is important now is for StarHub to determine the root cause of the problem and prevent a recurrence," said IMDA and CSA in their joint statement.
"IMDA is working closely with StarHub to investigate the matter and strengthen its infrastructure and processes.
OTHER TELCOS ADVISED TO STEP UP DEFENCES
In the statement, IMDA said it also advised the other telcos to step up their defences in case there are similar disruptions to their systems.
Responding to queries from Channel NewsAsia's, Singtel said it has measures in place to safeguard its network.
“We did not observe any abnormal traffic trends over the past weekend, but will continue to monitor our networks closely. We have a robust monitoring system and resilient protection mechanisms in place to safeguard our networks,” a spokesperson told Channel NewsAsia.
M1 said it is "aware of the recent cyber-attacks and is on alert".
"We have made significant investments to defend our systems against cyber-attacks, including DDoS attacks," said Mr Chua Hian Hou, assistant general manager of corporate communications at M1.
In the joint statement, CSA added that it is "studying and addressing the risks of DDoS attacks on our communications systems, as well as the measures to mitigate the impact of such attacks if they happen."
CSA added that it would also reach out to educate the public and businesses on the need to properly secure their systems.
- CNA/dt
- wong chee tat :)
StarHub broadband service suffers second outage in 2 days
StarHub broadband service suffers second outage in 2 days
Posted 24 Oct 2016 23:07 Updated 25 Oct 2016 09:04
SINGAPORE: Customers of telco StarHub took to social media to air their frustrations about a second broadband service outage on Monday evening (Oct 24), two days after the first outage.
Singer Taufik Batisah was among the StarHub customers who joined in the chorus of complaints, commenting that they had to rely on their mobile data for their Internet connection instead.
In response to queries by Channel NewsAsia, a StarHub spokesperson said: "We are aware that some broadband customers are facing difficulties accessing the Internet. We are looking into this right now, and will provide our customers with updates through our Facebook page."
In a post on its Facebook page on Tuesday at 1.25am, StarHub said that at about 11.20pm on Monday, it rectified a network equipment issue that had temporarily affected their residential broadband service since about 10pm the same day.
"We are currently investigating the root cause of this incident. We have been monitoring the service in the past two hours to ensure it remains stable for our customers, and thank everyone for their patience and understanding."
StarHub had also attributed Saturday's outage to a "network equipment issue", which it fixed at 2am on Sunday.
- CNA/ek
- wong chee tat :)
Posted 24 Oct 2016 23:07 Updated 25 Oct 2016 09:04
SINGAPORE: Customers of telco StarHub took to social media to air their frustrations about a second broadband service outage on Monday evening (Oct 24), two days after the first outage.
Singer Taufik Batisah was among the StarHub customers who joined in the chorus of complaints, commenting that they had to rely on their mobile data for their Internet connection instead.
In response to queries by Channel NewsAsia, a StarHub spokesperson said: "We are aware that some broadband customers are facing difficulties accessing the Internet. We are looking into this right now, and will provide our customers with updates through our Facebook page."
In a post on its Facebook page on Tuesday at 1.25am, StarHub said that at about 11.20pm on Monday, it rectified a network equipment issue that had temporarily affected their residential broadband service since about 10pm the same day.
"We are currently investigating the root cause of this incident. We have been monitoring the service in the past two hours to ensure it remains stable for our customers, and thank everyone for their patience and understanding."
StarHub had also attributed Saturday's outage to a "network equipment issue", which it fixed at 2am on Sunday.
- CNA/ek
- wong chee tat :)
Starhub fibre broadband service outage sparks customers' ire
Starhub fibre broadband service outage sparks customers' ire
Posted 22 Oct 2016 23:30 Updated 23 Oct 2016 02:32
SINGAPORE: StarHub customers took to social media to air their frustrations following a fibre broadband service outage by the local telco on Saturday evening (Oct 22).
According to affected StarHub customers on social media, the outage started at around 10.00pm.
Responding to queries from Channel NewsAsia, a StarHub spokesperson said the telco is “working as fast as it can to fix an issue affecting customers' broadband service” and added that updates on the outage will be provided on its Facebook page.
"Our engineers are continuing to work to rectify the situation as soon as possible for customers. Updates to come."
In a Facebook post at 2.00am on Sunday, StarHub said they have since rectified a network equipment issue and are now closely monitoring the situation to ensure the service stabilises for their customers.
- CNA/xk
- wong chee tat :)
Posted 22 Oct 2016 23:30 Updated 23 Oct 2016 02:32
SINGAPORE: StarHub customers took to social media to air their frustrations following a fibre broadband service outage by the local telco on Saturday evening (Oct 22).
According to affected StarHub customers on social media, the outage started at around 10.00pm.
Responding to queries from Channel NewsAsia, a StarHub spokesperson said the telco is “working as fast as it can to fix an issue affecting customers' broadband service” and added that updates on the outage will be provided on its Facebook page.
"Our engineers are continuing to work to rectify the situation as soon as possible for customers. Updates to come."
In a Facebook post at 2.00am on Sunday, StarHub said they have since rectified a network equipment issue and are now closely monitoring the situation to ensure the service stabilises for their customers.
- CNA/xk
- wong chee tat :)
Broadband service outages due to DDoS attacks: StarHub
Broadband service outages due to DDoS attacks: StarHub
Posted 25 Oct 2016 15:36 Updated 25 Oct 2016 23:07
SINGAPORE: The two recent broadband service outages that hit StarHub were the result of "intentional and likely malicious attacks" on its servers, the telco confirmed on Tuesday (Oct 25), adding that the attacks were "unprecedented in scale, nature and complexity".
In a media statement, StarHub said: "We have completed inspecting and analysing network logs from the home broadband incidents on Oct 22 and Oct 24 and we are now able to confirm that we had experienced intentional and likely malicious distributed denial-of-service (DDoS) attacks on our domain name servers (DNS).
"These two recent attacks that we experienced were unprecedented in scale, nature and complexity," it said.
Starhub said that the DDoS attacks caused temporary web connection issue for some of its home broadband customers. "On both occasions, we mitigated the attacks by filtering unwanted traffic and increasing our DNS capacity, and restored service within two hours. No impact was observed on the rest of our services, and the security of our customers’ information was not compromised."
The broadband service provider said it would continue to stay vigilant against possible follow-up DDoS attempts, and is working closely with the authorities to determine intent and source of these two DDoS attacks.
Earlier on Tuesday, the Cyber Security Agency (CSA) and the Infocomm Media Development Authority (IMDA) said that the possibility of a DDoS attack could not be ruled out, and noted that StarHub's outages came on the heels of Friday’s attack against the US-based domain name system service provider Dyn.
StarHub had earlier said it detected a "spike in data traffic" coming into its domain name servers (DNS) that temporarily affected the Web connection for some of its home broadband customers during the time of the outage.
A DNS is a database that translates Web addresses, such as www.nameofwebsite.com, into machine readable sets of digits for customers to view websites on their computers.
"When a DNS is not operating optimally, customers may face difficulty in accessing the Internet," the telco said.
After detecting the sudden increase in traffic to the servers, StarHub said it immediately started filtering the unwanted traffic and added DNS capacity to manage the "huge increase in traffic load". As a result, some customers temporarily faced intermittent broadband access, it said.
The telco added that there was no impact on its mobile broadband, enterprise and home voice services, and the security of customers’ information was not compromised.
According to StarHub, the home broadband service for affected customers was fully restored at about 11.25pm on Monday.
The company said that initial investigations pointed to similarities between the outage on Monday and the first incident last Saturday.
- CNA/mz/ek
- wong chee tat :)
Posted 25 Oct 2016 15:36 Updated 25 Oct 2016 23:07
SINGAPORE: The two recent broadband service outages that hit StarHub were the result of "intentional and likely malicious attacks" on its servers, the telco confirmed on Tuesday (Oct 25), adding that the attacks were "unprecedented in scale, nature and complexity".
In a media statement, StarHub said: "We have completed inspecting and analysing network logs from the home broadband incidents on Oct 22 and Oct 24 and we are now able to confirm that we had experienced intentional and likely malicious distributed denial-of-service (DDoS) attacks on our domain name servers (DNS).
"These two recent attacks that we experienced were unprecedented in scale, nature and complexity," it said.
Starhub said that the DDoS attacks caused temporary web connection issue for some of its home broadband customers. "On both occasions, we mitigated the attacks by filtering unwanted traffic and increasing our DNS capacity, and restored service within two hours. No impact was observed on the rest of our services, and the security of our customers’ information was not compromised."
The broadband service provider said it would continue to stay vigilant against possible follow-up DDoS attempts, and is working closely with the authorities to determine intent and source of these two DDoS attacks.
Earlier on Tuesday, the Cyber Security Agency (CSA) and the Infocomm Media Development Authority (IMDA) said that the possibility of a DDoS attack could not be ruled out, and noted that StarHub's outages came on the heels of Friday’s attack against the US-based domain name system service provider Dyn.
StarHub had earlier said it detected a "spike in data traffic" coming into its domain name servers (DNS) that temporarily affected the Web connection for some of its home broadband customers during the time of the outage.
A DNS is a database that translates Web addresses, such as www.nameofwebsite.com, into machine readable sets of digits for customers to view websites on their computers.
"When a DNS is not operating optimally, customers may face difficulty in accessing the Internet," the telco said.
After detecting the sudden increase in traffic to the servers, StarHub said it immediately started filtering the unwanted traffic and added DNS capacity to manage the "huge increase in traffic load". As a result, some customers temporarily faced intermittent broadband access, it said.
The telco added that there was no impact on its mobile broadband, enterprise and home voice services, and the security of customers’ information was not compromised.
According to StarHub, the home broadband service for affected customers was fully restored at about 11.25pm on Monday.
The company said that initial investigations pointed to similarities between the outage on Monday and the first incident last Saturday.
- CNA/mz/ek
- wong chee tat :)
Compromised home devices triggered broadband outages: StarHub
Compromised home devices triggered broadband outages: StarHub
By Kevin Kwang Posted 26 Oct 2016 19:10 Updated 27 Oct 2016 08:56
SINGAPORE: Web-connected devices bought by StarHub subscribers were the cause of the "illegitimate traffic" that resulted in the distributed denial of service (DDoS) the telco suffered twice in two days, said StarHub's chief technology officer (CTO) Mock Pak Lum on Wednesday (Oct 26).
In a media briefing, Mr Mock said affected devices such as broadband routers and webcams were responsible for the spike in Web traffic the telco saw last Saturday and Monday nights.
However, he did not disclose how many devices or IP addresses were compromised, or what was the exact volume in the spike in Web traffic its domain name server (DNS) farms had to handle in a short space of time.
The illegitimate traffic to the DNS resulted in an overload that disrupted Web connection for "some" broadband users, Mr Mock said. "Not everyone was affected," he added, saying that some users would have gotten to their desired webpage if they had waited long enough.
As remedial action, the telco said it has increased DNS capacity by 400 per cent since Saturday, and is also implementing traffic filtering and source tracing to identify the source of Web traffic surges.
It is also looking to deploy its technical team - HubTroopers - to subscribers identified with compromised devices to help them troubleshoot. This could either be done at their homes or, with their permission, taken back to StarHub for further investigation.
That said, the CTO said his team is working to scrub through the logs to see if the traffic spike was linked to the attack on US-based Dyn DNS. He noted that there are similarities in that compromised connected home devices were used to conduct the attack, but that it was too early to draw any conclusion.
He also could not comment as to why only StarHub was attacked by the compromised devices, while other Internet service providers were not affected.
StarHub is working with the Cyber Security Agency of Singapore (CSA) in terms of sharing information from its investigations, he added.
In the meantime, Mr Mock stressed that "everyone has a role to play in cybersecurity". "The reward is now too huge" for cybercriminals and the online threat will be "prevalent for a long time to come", the CTO said.
He suggested that consumers only get devices that are "reputable", remember to change the default passwords and set up the necessary defences such as firewalls after buying the devices.
He also cautioned against blindly opening up Web links sent from friends via emails, for instance, as this could potentially lead to malware being downloaded into the device without the user's knowledge.
DDoS ATTACKS LIKELY TO BE MORE COMMON: EXPERTS
The CSA and the Infocomm Media Development Authority (IMDA) said in a joint statement that the DDoS attacks are the first such incident against Singapore's telco infrastructure, and reiterated that they are working "closely" with StarHub to investigate the matter.
Commenting on StarHub's announcement, Mr John Lim, course manager at Nanyang Polytechnic's School of Information Technology, told Channel NewsAsia that he was not surprised that compromised embedded devices were used to stage the DDoS attacks.
He said that PCs and Macs have become much more secure today, but this is not so for devices such as webcams or routers.
"You cannot just install antivirus on these devices," Mr Lim said.
Additionally, consumers can now shop for such connected devices from e-commerce sites such as Taobao, and many times these are brands that are not known here and there is little to no information on the kind of defences manufacturers have installed, he said.
With the proliferation of these Web-connected devices, Mr Lim said he "won't be surprised if there will be other similar attacks that might affect the other two telcos" in the future.
Other experts Channel NewsAsia spoke to concurred, with one pointing to the gaining popularity of the Internet of Things.
"There's research done that 50 billion devices will be connected in 2020. Just imagine: 50 billion (devices) attacking your organisation," said Mr Vincent Loy, Asia Pacific Cyber & Financial Crime Leader at PwC Singapore.
Mr Loy too added that many devices are not built with security in mind.
"They were built to do a certain function; security was not part of it; they do not have password control. They do not have security control, they do not have a log in or back up. The Government and private sector need to work together to come up with a solution in coming up with security by design," Mr Loy said.
Mr Stephen Dane, a managing director at Cisco Systems (HK), pointed to the need for companies to pay more attention to security.
"It's really important to design a network and your infrastructure with high availability in mind, to ensure that not all your eggs are in one basket when it comes to protecting or providing data and holding records on behalf of customers; or in fact, having a website that's associated with just one domain name server," he said.
"It's important to build that resiliency into your infrastructure and ensure that there's high availability as much as possible, so that you are ensuring that the target is distributed as much as possible and therefore the risk is reduced," he added.
Additional reporting by Alice Chia.
- CNA/kk/dl
- wong chee tat :)
By Kevin Kwang Posted 26 Oct 2016 19:10 Updated 27 Oct 2016 08:56
SINGAPORE: Web-connected devices bought by StarHub subscribers were the cause of the "illegitimate traffic" that resulted in the distributed denial of service (DDoS) the telco suffered twice in two days, said StarHub's chief technology officer (CTO) Mock Pak Lum on Wednesday (Oct 26).
In a media briefing, Mr Mock said affected devices such as broadband routers and webcams were responsible for the spike in Web traffic the telco saw last Saturday and Monday nights.
However, he did not disclose how many devices or IP addresses were compromised, or what was the exact volume in the spike in Web traffic its domain name server (DNS) farms had to handle in a short space of time.
The illegitimate traffic to the DNS resulted in an overload that disrupted Web connection for "some" broadband users, Mr Mock said. "Not everyone was affected," he added, saying that some users would have gotten to their desired webpage if they had waited long enough.
As remedial action, the telco said it has increased DNS capacity by 400 per cent since Saturday, and is also implementing traffic filtering and source tracing to identify the source of Web traffic surges.
It is also looking to deploy its technical team - HubTroopers - to subscribers identified with compromised devices to help them troubleshoot. This could either be done at their homes or, with their permission, taken back to StarHub for further investigation.
That said, the CTO said his team is working to scrub through the logs to see if the traffic spike was linked to the attack on US-based Dyn DNS. He noted that there are similarities in that compromised connected home devices were used to conduct the attack, but that it was too early to draw any conclusion.
He also could not comment as to why only StarHub was attacked by the compromised devices, while other Internet service providers were not affected.
StarHub is working with the Cyber Security Agency of Singapore (CSA) in terms of sharing information from its investigations, he added.
In the meantime, Mr Mock stressed that "everyone has a role to play in cybersecurity". "The reward is now too huge" for cybercriminals and the online threat will be "prevalent for a long time to come", the CTO said.
He suggested that consumers only get devices that are "reputable", remember to change the default passwords and set up the necessary defences such as firewalls after buying the devices.
He also cautioned against blindly opening up Web links sent from friends via emails, for instance, as this could potentially lead to malware being downloaded into the device without the user's knowledge.
DDoS ATTACKS LIKELY TO BE MORE COMMON: EXPERTS
The CSA and the Infocomm Media Development Authority (IMDA) said in a joint statement that the DDoS attacks are the first such incident against Singapore's telco infrastructure, and reiterated that they are working "closely" with StarHub to investigate the matter.
Commenting on StarHub's announcement, Mr John Lim, course manager at Nanyang Polytechnic's School of Information Technology, told Channel NewsAsia that he was not surprised that compromised embedded devices were used to stage the DDoS attacks.
He said that PCs and Macs have become much more secure today, but this is not so for devices such as webcams or routers.
"You cannot just install antivirus on these devices," Mr Lim said.
Additionally, consumers can now shop for such connected devices from e-commerce sites such as Taobao, and many times these are brands that are not known here and there is little to no information on the kind of defences manufacturers have installed, he said.
With the proliferation of these Web-connected devices, Mr Lim said he "won't be surprised if there will be other similar attacks that might affect the other two telcos" in the future.
Other experts Channel NewsAsia spoke to concurred, with one pointing to the gaining popularity of the Internet of Things.
"There's research done that 50 billion devices will be connected in 2020. Just imagine: 50 billion (devices) attacking your organisation," said Mr Vincent Loy, Asia Pacific Cyber & Financial Crime Leader at PwC Singapore.
Mr Loy too added that many devices are not built with security in mind.
"They were built to do a certain function; security was not part of it; they do not have password control. They do not have security control, they do not have a log in or back up. The Government and private sector need to work together to come up with a solution in coming up with security by design," Mr Loy said.
Mr Stephen Dane, a managing director at Cisco Systems (HK), pointed to the need for companies to pay more attention to security.
"It's really important to design a network and your infrastructure with high availability in mind, to ensure that not all your eggs are in one basket when it comes to protecting or providing data and holding records on behalf of customers; or in fact, having a website that's associated with just one domain name server," he said.
"It's important to build that resiliency into your infrastructure and ensure that there's high availability as much as possible, so that you are ensuring that the target is distributed as much as possible and therefore the risk is reduced," he added.
Additional reporting by Alice Chia.
- CNA/kk/dl
- wong chee tat :)
DDoS attack on StarHub first of its kind on Singapore's telco infrastructure: CSA, IMDA
DDoS attack on StarHub first of its kind on Singapore's telco infrastructure: CSA, IMDA
Posted 26 Oct 2016 21:20 Updated 26 Oct 2016 23:35
SINGAPORE: The Distributed Denial of Service (DDoS) attacks on StarHub’s broadband network were the first of that nature on Singapore's telco infrastructure, the Cyber Security Agency of Singapore (CSA) and Infocomm Media Development Authority (IMDA) said on Wednesday evening (Oct 26).
This comes after the telco revealed in a media briefing on Wednesday that compromised devices such as webcams and routers owned by its customers led to the DDoS attacks.
In a joint statement, CSA and IMDA said attacks on Domain Name Services (DNS), as seen in StarHub’s case, are “generally rare”, “although the latest Dyn incident in US has shown that it is surfacing as an emerging trend”.
The agencies added that in DDoS attacks, attackers usually scan for vulnerable Internet-connected devices commonly known as "botnet" and employ a list of techniques - such as password cracking - to gain access to them.
“Any Internet-connected device, from WiFi routers to printers to CCTVs, can inadvertently be part of a network of ‘bots’ that can be activated to attack other systems,” CSA and IMDA said, adding that there is no foolproof solution as digital systems are increasingly connected.
As such, telcos must ensure they have “resilient and robust” systems, and put in place measures to quickly detect and respond to such attacks, so as to avoid disruption of services to their subscribers, CSA and IMDA added.
They reiterated that they are working “closely” with StarHub to investigate the matter, and strengthen the telco’s infrastructure and processes, and said they have advised other telcos in Singapore to step up their defences in case there are similar disruptions to their systems.
Members of the public are also advised to adopt “good cyber hygiene practices” to secure their devices. SingCERT will publish an advisory on what businesses and individuals should do to ensure their Internet-connected devices are secure, CSA and IMDA said.
BUSINESSES SHOULD MAKE CYBER SECURITY A PRIORITY: YAACOB
Communications and Information Minister Yaacob Ibrahim called on businesses to take action to address their specific cyber security needs, even as the Government steps up efforts to help them stay safe.
Speaking at an Asia Pacific cyber security summit on Wednesday, Dr Yaacob said the Government has been consistent in pursuing cyber security development, working with multiple stakeholders, including businesses and international partners. This includes launching the national cyber security strategy earlier this month, and developing a multi-tiered cyber security response plan.
A new Cybersecurity Act is also in the pipeline.
But Dr Yaacob emphasised that the Government cannot do it alone, and urged companies to make cyber security a priority.
"Cyber security should not be seen as a cost, but as an investment to manage risk. Under-investment in cyber security does not mean 'business-as-usual'. Weak cyber defences suffering from under-investment could be breached more easily, leading to disruption of business activities and significant losses," the minister said.
- CNA/dl
- wong chee tat :)
Posted 26 Oct 2016 21:20 Updated 26 Oct 2016 23:35
SINGAPORE: The Distributed Denial of Service (DDoS) attacks on StarHub’s broadband network were the first of that nature on Singapore's telco infrastructure, the Cyber Security Agency of Singapore (CSA) and Infocomm Media Development Authority (IMDA) said on Wednesday evening (Oct 26).
This comes after the telco revealed in a media briefing on Wednesday that compromised devices such as webcams and routers owned by its customers led to the DDoS attacks.
In a joint statement, CSA and IMDA said attacks on Domain Name Services (DNS), as seen in StarHub’s case, are “generally rare”, “although the latest Dyn incident in US has shown that it is surfacing as an emerging trend”.
The agencies added that in DDoS attacks, attackers usually scan for vulnerable Internet-connected devices commonly known as "botnet" and employ a list of techniques - such as password cracking - to gain access to them.
“Any Internet-connected device, from WiFi routers to printers to CCTVs, can inadvertently be part of a network of ‘bots’ that can be activated to attack other systems,” CSA and IMDA said, adding that there is no foolproof solution as digital systems are increasingly connected.
As such, telcos must ensure they have “resilient and robust” systems, and put in place measures to quickly detect and respond to such attacks, so as to avoid disruption of services to their subscribers, CSA and IMDA added.
They reiterated that they are working “closely” with StarHub to investigate the matter, and strengthen the telco’s infrastructure and processes, and said they have advised other telcos in Singapore to step up their defences in case there are similar disruptions to their systems.
Members of the public are also advised to adopt “good cyber hygiene practices” to secure their devices. SingCERT will publish an advisory on what businesses and individuals should do to ensure their Internet-connected devices are secure, CSA and IMDA said.
BUSINESSES SHOULD MAKE CYBER SECURITY A PRIORITY: YAACOB
Communications and Information Minister Yaacob Ibrahim called on businesses to take action to address their specific cyber security needs, even as the Government steps up efforts to help them stay safe.
Speaking at an Asia Pacific cyber security summit on Wednesday, Dr Yaacob said the Government has been consistent in pursuing cyber security development, working with multiple stakeholders, including businesses and international partners. This includes launching the national cyber security strategy earlier this month, and developing a multi-tiered cyber security response plan.
A new Cybersecurity Act is also in the pipeline.
But Dr Yaacob emphasised that the Government cannot do it alone, and urged companies to make cyber security a priority.
"Cyber security should not be seen as a cost, but as an investment to manage risk. Under-investment in cyber security does not mean 'business-as-usual'. Weak cyber defences suffering from under-investment could be breached more easily, leading to disruption of business activities and significant losses," the minister said.
- CNA/dl
- wong chee tat :)
Singapore's cybersecurity skills shortage: Why it matters
Singapore's cybersecurity skills shortage: Why it matters
By Linette Lim Posted 14 Oct 2016 15:51 Updated 14 Oct 2016 16:00
SINGAPORE: In his speech launching Singapore’s national cybersecurity strategy earlier this week, Prime Minister Lee Hsien Loong warned of cyberattacks and threats “becoming more frequent and sophisticated, with more severe consequences”.
He pointed to how a cyberattack on the power grid in Ukraine last December left many Ukrainians without electricity for hours, and how hackers used malware to withdraw more than US$2 million (S$2.77 million) from ATMs in Taiwan in July this year. Closer to home, he said that there have been attacks on government networks and on the financial sector.
According to a 2014 report from Center for Strategic and International Studies, cybercrime costs Singapore an estimated S$1.25 billion annually.
Yet there is a decidedly acute shortage of IT security specialists that can be engaged to help fend off such online threats.
According to Communications and Information Minister Yaacob Ibrahim, there were 15,000 vacancies in the information and communications technology (ICT) sector last year, unchanged from 2014. More than two-thirds of these vacancies, he said, were for professionals, managers, executives and technicians (PMETs) or technical specialists in areas such as development, network and infrastructure, cybersecurity and data analytics.
Additionally, 2012 data from the Economic Development Board (EDB) showed that just 0.8 per cent of Singapore’s 144,300 ICT workers were IT security specialists, with a particularly acute shortfall in the middle and senior tiers.
MANPOWER GAP HINDERING CYBERCRIME FIGHT
This is why for vendors like Quann, which hires more than 300 certified security professionals in the region, a global shortage of cybersecurity manpower means fighting cybercrime is proving to be an uphill battle.
“There is a distinct (manpower and skills) gap, and the gap has widened. The proxy for that is the wage growth that we’ve seen in this sector. Wages have gone up quite substantially in the last two to three years. Based on some reports by third-party consultancies, wages are estimated to have gone up by 20 per cent per year, over the last couple of years,” said Quann’s managing director Foo Siang-tse.
According to Mr Foo, increasing digitisation of customer and business records and the proliferation of interconnected devices have resulted in greater avenues for cybercriminals, but “until recently”, educational institutions have not expanded capacity quickly enough to keep pace with demand in the sector.
To address this, part of the national cybersecurity strategy is to boost the cybersecurity profession in a number of ways. This includes instituting clear career pathways, promoting certification, and working with the industry and institutes of higher learning to attract new graduates and convert existing professionals from related fields.
WHAT ARE THE SKILLS NEEDED?
One of these organisations is ISACA, the international professional body formerly known as the Information Systems Audit and Control Association. Its Singapore Chapter says the Government is working with industry groups like theirs to offer training and certification programmes.
“Skills that are lacking now are in the areas of intrusion detection, security architecture and analysis, security incident management, secure software development, incident response and recovery,” said Mr John Lee, President of ISACA Singapore Chapter.
“Singapore is a global financial hub with high-end manufacturing and developed service industry. The need to safeguard against a major cyber breach is paramount to prevent erosion of trust by external stakeholders.”
Among the IHLs, the Singapore University of Technology (SUTD) only opened its doors four years ago. Professor Aditya Mathur, who oversees the university’s Information Systems Technology and Design pillar, said he has seen a rise in student enrollments and a growing number of students picking security classes.
“SUTD is not only offering courses in cybersecurity at the undergraduate level but also conducting outreach programmes aimed at raising cybersecurity awareness among secondary school students,” Prof Aditya added.
TAPPING ON EXISTING TALENT POOL
But it will be some time before these students join the workforce and contribute to the core of local cybersecurity talent. In the meanwhile, Mr Foo says Quann is doing its best to meet the manpower challenge through on-the-job training, or through converting existing IT professionals with adjacent skillsets.
The local company is one of four participating in the Cyber Security Associates and Technologists (CSAT) programme, which equips ICT professionals with three years’ working experience to pick up the requisite skills to switch sectors. The other training partners are Singtel, ST Electronics and Accel Systems and Technologies.
Some business leaders who oversee ongoing efforts to help build up Singapore's cybersecurity manpower pool include Mr Boye Vanell from BAE Systems (top-left); Quann’s Mr Foo Siang-tse (bottom-left); and Microsoft Singapore’s Ms Jessica Tan (right). (Photos: BAE Systems, Quann, Microsoft Singapore).
While Quann partners tertiary institutions like the National University of Singapore, the Singapore Management University, and Ngee Ann Polytechnic to get access to talent, others, like British multinational BAE Systems, aim to build up the cybersecurity ecosystem through collaborating with researchers and helping to incubate startup ideas.
One outcome of its partnership with Nanyang Technological University is a threat operating model designed by postgraduate students, built using BAE System’s tools and techniques.
“You need to create the interest in the industry. You do that by running research programmes, and you do that by bringing niche technology to startup companies to help close the gaps that customers face,” said Mr Boye Vanell, Regional Director of Asia at BAE Systems.
Microsoft Singapore’s Managing Director Jessica Tan, who oversaw the company’s opening of a new Transparency Center and Cybersecurity Center in Singapore this month, told Channel NewsAsia that apart from technical skills, other important attributes for cybersecurity professionals include “a growth mindset, curiosity, learning and resilience".
She said: “What is critical is building an ICT foundation in every student, which they can then extend and apply to every field they pursue, regardless of whether it is in biomedicine, behavioural economics or digital manufacturing, to name a few. ICT will touch every facet of the industry and government.”
According to Ms Tan, given that more citizens’ lives are touched by technology - at home, in schools and in the workplace - the talent pipeline of cybersecurity professionals is “both an economic and security imperative for Singapore”. This implies the difficulty in relying too heavily on foreign cybersecurity professionals to plug the gaps.
The unique nature of the industry also means it is relatively labour-intensive, and there are limits to plugging the gaps with technology like big data analytics.
“At the end of the day, the person at the other end of the kill chain - the perpetrator - is still a human being. Notwithstanding that fact that we have our own R&D labs, we’re looking at tapping on big data and threat intelligence - if the adversary is human, we need humans on our side,” said Mr Foo.
- CNA/ll
- wong chee tat :)
By Linette Lim Posted 14 Oct 2016 15:51 Updated 14 Oct 2016 16:00
SINGAPORE: In his speech launching Singapore’s national cybersecurity strategy earlier this week, Prime Minister Lee Hsien Loong warned of cyberattacks and threats “becoming more frequent and sophisticated, with more severe consequences”.
He pointed to how a cyberattack on the power grid in Ukraine last December left many Ukrainians without electricity for hours, and how hackers used malware to withdraw more than US$2 million (S$2.77 million) from ATMs in Taiwan in July this year. Closer to home, he said that there have been attacks on government networks and on the financial sector.
According to a 2014 report from Center for Strategic and International Studies, cybercrime costs Singapore an estimated S$1.25 billion annually.
Yet there is a decidedly acute shortage of IT security specialists that can be engaged to help fend off such online threats.
According to Communications and Information Minister Yaacob Ibrahim, there were 15,000 vacancies in the information and communications technology (ICT) sector last year, unchanged from 2014. More than two-thirds of these vacancies, he said, were for professionals, managers, executives and technicians (PMETs) or technical specialists in areas such as development, network and infrastructure, cybersecurity and data analytics.
Additionally, 2012 data from the Economic Development Board (EDB) showed that just 0.8 per cent of Singapore’s 144,300 ICT workers were IT security specialists, with a particularly acute shortfall in the middle and senior tiers.
MANPOWER GAP HINDERING CYBERCRIME FIGHT
This is why for vendors like Quann, which hires more than 300 certified security professionals in the region, a global shortage of cybersecurity manpower means fighting cybercrime is proving to be an uphill battle.
“There is a distinct (manpower and skills) gap, and the gap has widened. The proxy for that is the wage growth that we’ve seen in this sector. Wages have gone up quite substantially in the last two to three years. Based on some reports by third-party consultancies, wages are estimated to have gone up by 20 per cent per year, over the last couple of years,” said Quann’s managing director Foo Siang-tse.
According to Mr Foo, increasing digitisation of customer and business records and the proliferation of interconnected devices have resulted in greater avenues for cybercriminals, but “until recently”, educational institutions have not expanded capacity quickly enough to keep pace with demand in the sector.
To address this, part of the national cybersecurity strategy is to boost the cybersecurity profession in a number of ways. This includes instituting clear career pathways, promoting certification, and working with the industry and institutes of higher learning to attract new graduates and convert existing professionals from related fields.
WHAT ARE THE SKILLS NEEDED?
One of these organisations is ISACA, the international professional body formerly known as the Information Systems Audit and Control Association. Its Singapore Chapter says the Government is working with industry groups like theirs to offer training and certification programmes.
“Skills that are lacking now are in the areas of intrusion detection, security architecture and analysis, security incident management, secure software development, incident response and recovery,” said Mr John Lee, President of ISACA Singapore Chapter.
“Singapore is a global financial hub with high-end manufacturing and developed service industry. The need to safeguard against a major cyber breach is paramount to prevent erosion of trust by external stakeholders.”
Among the IHLs, the Singapore University of Technology (SUTD) only opened its doors four years ago. Professor Aditya Mathur, who oversees the university’s Information Systems Technology and Design pillar, said he has seen a rise in student enrollments and a growing number of students picking security classes.
“SUTD is not only offering courses in cybersecurity at the undergraduate level but also conducting outreach programmes aimed at raising cybersecurity awareness among secondary school students,” Prof Aditya added.
TAPPING ON EXISTING TALENT POOL
But it will be some time before these students join the workforce and contribute to the core of local cybersecurity talent. In the meanwhile, Mr Foo says Quann is doing its best to meet the manpower challenge through on-the-job training, or through converting existing IT professionals with adjacent skillsets.
The local company is one of four participating in the Cyber Security Associates and Technologists (CSAT) programme, which equips ICT professionals with three years’ working experience to pick up the requisite skills to switch sectors. The other training partners are Singtel, ST Electronics and Accel Systems and Technologies.
Some business leaders who oversee ongoing efforts to help build up Singapore's cybersecurity manpower pool include Mr Boye Vanell from BAE Systems (top-left); Quann’s Mr Foo Siang-tse (bottom-left); and Microsoft Singapore’s Ms Jessica Tan (right). (Photos: BAE Systems, Quann, Microsoft Singapore).
While Quann partners tertiary institutions like the National University of Singapore, the Singapore Management University, and Ngee Ann Polytechnic to get access to talent, others, like British multinational BAE Systems, aim to build up the cybersecurity ecosystem through collaborating with researchers and helping to incubate startup ideas.
One outcome of its partnership with Nanyang Technological University is a threat operating model designed by postgraduate students, built using BAE System’s tools and techniques.
“You need to create the interest in the industry. You do that by running research programmes, and you do that by bringing niche technology to startup companies to help close the gaps that customers face,” said Mr Boye Vanell, Regional Director of Asia at BAE Systems.
Microsoft Singapore’s Managing Director Jessica Tan, who oversaw the company’s opening of a new Transparency Center and Cybersecurity Center in Singapore this month, told Channel NewsAsia that apart from technical skills, other important attributes for cybersecurity professionals include “a growth mindset, curiosity, learning and resilience".
She said: “What is critical is building an ICT foundation in every student, which they can then extend and apply to every field they pursue, regardless of whether it is in biomedicine, behavioural economics or digital manufacturing, to name a few. ICT will touch every facet of the industry and government.”
According to Ms Tan, given that more citizens’ lives are touched by technology - at home, in schools and in the workplace - the talent pipeline of cybersecurity professionals is “both an economic and security imperative for Singapore”. This implies the difficulty in relying too heavily on foreign cybersecurity professionals to plug the gaps.
The unique nature of the industry also means it is relatively labour-intensive, and there are limits to plugging the gaps with technology like big data analytics.
“At the end of the day, the person at the other end of the kill chain - the perpetrator - is still a human being. Notwithstanding that fact that we have our own R&D labs, we’re looking at tapping on big data and threat intelligence - if the adversary is human, we need humans on our side,” said Mr Foo.
- CNA/ll
- wong chee tat :)
NUS and Singtel launch cybersecurity lab
NUS and Singtel launch cybersecurity lab
By Kimberly Spykerman Posted 24 Oct 2016 11:43 Updated 25 Oct 2016 00:15
SINGAPORE: The National University of Singapore (NUS) and Singtel on Monday (Oct 24) launched their joint cybersecurity laboratory aimed at protecting consumers against security breaches, data leaks and other online attacks.
Over the next five years, S$43 million from NUS, Singtel, and the National Research Foundation (NRF) will be pumped into the lab. "Such public-private R&D collaboration aligns public research to industry needs, and accelerates innovations to market," said Deputy Prime Minister Teo Chee Hean, who is also NRF's Chairman, at the launch event.
The new laboratory will focus on areas such as network, data and cloud computing security, among others.
Singtel CEO of Group Enterprise Bill Chang pointed out that many enterprises are constantly challenged by the increasingly sophisticated nature of cyber threats, and the new lab will allow them to develop and bring to market cybersecurity offerings more quickly to help these companies.
"What really differentiates this lab from other initiatives is the fact that we have an industrial partner,” said director of NUS-Singtel Cyber Security Research and Development Lab professor David Rosenblum. “So, they have very significant business problems that are related to cybersecurity, and the researchers at NUS are going to be exposed to these business problems.”
The lab will also increase Singapore's pool of cybersecurity professionals and raise their game, hosting 100 researchers and training 120 new cybersecurity professionals over the next five years.
"This will develop a strong talent pool critical to Singapore. The training will equip them with deep expertise in this growing area, and prepare them for employment opportunities, not just with Singtel, but also in the public sector and other companies," said Mr Teo.
The national cybersecurity strategy, which was announced by Prime Minister Lee Hsien Loong earlier this month, aims to boost the cybersecurity profession. This includes instituting clear career pathways, promoting certification, and working with the industry and institutes of higher learning to attract new graduates and convert existing professionals from related fields.
Singtel said it does not rule out collaborating with the other telcos in research and capability building, or in making the solutions commercially available to them.
- CNA/kk
- wong chee tat :)
By Kimberly Spykerman Posted 24 Oct 2016 11:43 Updated 25 Oct 2016 00:15
SINGAPORE: The National University of Singapore (NUS) and Singtel on Monday (Oct 24) launched their joint cybersecurity laboratory aimed at protecting consumers against security breaches, data leaks and other online attacks.
Over the next five years, S$43 million from NUS, Singtel, and the National Research Foundation (NRF) will be pumped into the lab. "Such public-private R&D collaboration aligns public research to industry needs, and accelerates innovations to market," said Deputy Prime Minister Teo Chee Hean, who is also NRF's Chairman, at the launch event.
The new laboratory will focus on areas such as network, data and cloud computing security, among others.
Singtel CEO of Group Enterprise Bill Chang pointed out that many enterprises are constantly challenged by the increasingly sophisticated nature of cyber threats, and the new lab will allow them to develop and bring to market cybersecurity offerings more quickly to help these companies.
"What really differentiates this lab from other initiatives is the fact that we have an industrial partner,” said director of NUS-Singtel Cyber Security Research and Development Lab professor David Rosenblum. “So, they have very significant business problems that are related to cybersecurity, and the researchers at NUS are going to be exposed to these business problems.”
The lab will also increase Singapore's pool of cybersecurity professionals and raise their game, hosting 100 researchers and training 120 new cybersecurity professionals over the next five years.
"This will develop a strong talent pool critical to Singapore. The training will equip them with deep expertise in this growing area, and prepare them for employment opportunities, not just with Singtel, but also in the public sector and other companies," said Mr Teo.
The national cybersecurity strategy, which was announced by Prime Minister Lee Hsien Loong earlier this month, aims to boost the cybersecurity profession. This includes instituting clear career pathways, promoting certification, and working with the industry and institutes of higher learning to attract new graduates and convert existing professionals from related fields.
Singtel said it does not rule out collaborating with the other telcos in research and capability building, or in making the solutions commercially available to them.
- CNA/kk
- wong chee tat :)
Deutsche Bank promises faster revamp as braces for US fine
Deutsche Bank promises faster revamp as braces for US fine
Posted 27 Oct 2016 13:35 Updated 27 Oct 2016 16:10
FRANKFURT: Deutsche Bank chief John Cryan pledged on Thursday to redouble restructuring efforts, warning that the bank faces tough times as it seeks to finalize talks with U.S. justice authorities over a multi billion dollar fine.
Germany's biggest lender posted an unexpected quarterly profit, benefiting from a subdued rebound in bond trading, but which failed to dispel the cloud of uncertainty that drove clients to withdraw billions of euros.
"The quarter was clearly overshadowed by the attention paid to our negotiations concerning the U.S. Department of Justice’s initial settlement proposal relating to our RMBS (residential mortgage-backed securities) matters. This has created uncertainty," Cryan told a conference call.
"Uncertainty that affects the market’s view of DB as an investment, uncertainty that affected some client views of Deutsche Bank as a counterparty and uncertainty that even affects our financial planning and strategy execution."
In a letter to staff, Cryan wrote: "Unfortunately, we have to assume that the situation will stay difficult for a while," adding the bank was working hard to wrap up negotiations for the fine "as soon as possible".
"We will ... accelerate and intensify our restructuring," he wrote, referring also to a deteriorating environment more generally in certain important sectors.
After weeks of negative headlines, Deutsche was however able to announce an unexpected net profit of 278 million euros (US$303 million) in the third quarter, lifted by a surge in bond trading that boosted all Wall Street banks.
The jump helped send the bank's shares initially to a more than one-month high, though they retreated to be down 0.4 percent at 13.245 euros by 0739 GMT.
TOXIC SECURITIES
Nonetheless, negotiations over a US$14 billion demand from the U.S. Department of Justice (DoJ) for misselling toxic mortgage-backed securities before the 2007-2009 financial crisis set a bleak backdrop.
After weeks of speculation about how this demand has rocked confidence in Germany's one-time flagship lender, the results gave some insight.
In its retail and wealth management business, clients withdrew 9 billion euros in the third quarter. The bank, which had assets in that division of almost 440 billion euros, said outflows had since abated.
Its so-called global markets trading business was also hit.
Cryan said the bank had liquidity reserves of 200 billion euros, a fall from the more than 215 billion he had outlined on Sept. 30. In June, the bank had 223 billion euros.
Deutsche Bank set aside more money for its legal bill for numerous past missteps. Litigation reserves rose to 5.9 billion from 5.5 billion at the end of June.
Revenue grew slightly at 7.5 billion euros, ahead of analysts' expectations, mainly driven by Deutsche's trading, while business declined in other operating areas.
Its cash-cow bond trading division, which has volatile revenue and tough capital requirements to meet, was up 14 percent. Compared with its peers, however, bond trading showed a modest rebound, in part due to trimming the unit.
In equities trading, Deutsche Bank saw revenue decline as low stock market volatility gave investors less reason to trade, while revenue from corporate and investment banking fell by 1 percent.
(Additional reporting by Andreas Kroener and Kathrin Jones; Writing by John O'Donnell and Arno Schuetze; Editing by David Holmes)
- Reuters
- wong chee tat :)
Posted 27 Oct 2016 13:35 Updated 27 Oct 2016 16:10
FRANKFURT: Deutsche Bank chief John Cryan pledged on Thursday to redouble restructuring efforts, warning that the bank faces tough times as it seeks to finalize talks with U.S. justice authorities over a multi billion dollar fine.
Germany's biggest lender posted an unexpected quarterly profit, benefiting from a subdued rebound in bond trading, but which failed to dispel the cloud of uncertainty that drove clients to withdraw billions of euros.
"The quarter was clearly overshadowed by the attention paid to our negotiations concerning the U.S. Department of Justice’s initial settlement proposal relating to our RMBS (residential mortgage-backed securities) matters. This has created uncertainty," Cryan told a conference call.
"Uncertainty that affects the market’s view of DB as an investment, uncertainty that affected some client views of Deutsche Bank as a counterparty and uncertainty that even affects our financial planning and strategy execution."
In a letter to staff, Cryan wrote: "Unfortunately, we have to assume that the situation will stay difficult for a while," adding the bank was working hard to wrap up negotiations for the fine "as soon as possible".
"We will ... accelerate and intensify our restructuring," he wrote, referring also to a deteriorating environment more generally in certain important sectors.
After weeks of negative headlines, Deutsche was however able to announce an unexpected net profit of 278 million euros (US$303 million) in the third quarter, lifted by a surge in bond trading that boosted all Wall Street banks.
The jump helped send the bank's shares initially to a more than one-month high, though they retreated to be down 0.4 percent at 13.245 euros by 0739 GMT.
TOXIC SECURITIES
Nonetheless, negotiations over a US$14 billion demand from the U.S. Department of Justice (DoJ) for misselling toxic mortgage-backed securities before the 2007-2009 financial crisis set a bleak backdrop.
After weeks of speculation about how this demand has rocked confidence in Germany's one-time flagship lender, the results gave some insight.
In its retail and wealth management business, clients withdrew 9 billion euros in the third quarter. The bank, which had assets in that division of almost 440 billion euros, said outflows had since abated.
Its so-called global markets trading business was also hit.
Cryan said the bank had liquidity reserves of 200 billion euros, a fall from the more than 215 billion he had outlined on Sept. 30. In June, the bank had 223 billion euros.
Deutsche Bank set aside more money for its legal bill for numerous past missteps. Litigation reserves rose to 5.9 billion from 5.5 billion at the end of June.
Revenue grew slightly at 7.5 billion euros, ahead of analysts' expectations, mainly driven by Deutsche's trading, while business declined in other operating areas.
Its cash-cow bond trading division, which has volatile revenue and tough capital requirements to meet, was up 14 percent. Compared with its peers, however, bond trading showed a modest rebound, in part due to trimming the unit.
In equities trading, Deutsche Bank saw revenue decline as low stock market volatility gave investors less reason to trade, while revenue from corporate and investment banking fell by 1 percent.
(Additional reporting by Andreas Kroener and Kathrin Jones; Writing by John O'Donnell and Arno Schuetze; Editing by David Holmes)
- Reuters
- wong chee tat :)
McAfee DAT version = 8330 (oct 26th 2016)
McAfee DAT version = 8330 (oct 26th 2016)
Link: here ( Select Yes. And it keeps getting updated daily. Region=US)
- wong chee tat :)
Link: here ( Select Yes. And it keeps getting updated daily. Region=US)
- wong chee tat :)
System Status: File Server Maintenance
System Status: File Server Maintenance
The file server is temporarily down for routine disk maintenance.
- wong chee tat :)
The file server is temporarily down for routine disk maintenance.
- wong chee tat :)
Scheduled Maintenance - POSB
Scheduled Maintenance - POSB
We are constantly upgrading our systems to bring you a more pleasant banking experience. During the mentioned period of scheduled maintenance, some of the services will not be available:
Bank Website | ||
|---|---|---|
Date
|
Maintenance Period
|
Services under Maintenance
|
23 Oct 2016
|
0200hrs to 0400hrs
|
Document Upload for the following application(s) :
- New Credit Card Application - Cashline Application |
iBanking | ||
|---|---|---|
Date
|
Maintenance Period
|
Services under Maintenance
|
Every Sunday
|
0400hrs to 0700hrs
|
System Maintenance
- Foreign Currency Current Account (FCCA) - Foreign Currency Fixed Deposit (FCFD) - Multi-currency Autosave (MCA) - Multiplier Account |
23 Oct 2016
|
0000hrs to 0600hrs
|
System Maintenance
- Fast Funds Transfer to Other Bank (New/Existing Payee) - Adhoc Fast Funds Transfer to Other Bank |
23 Oct 2016
|
0000hrs to 0700hrs
|
- Token Replacement
- Token Registration |
23 Oct 2016
|
0250hrs to 0255hrs
0640hrs to 0645hrs |
- MCSA Funds Transfer, and Portfolio Enquiry
|
23 Oct 2016
|
0250hrs to 0645hrs
|
- Online Funds Trading (OET)
|
23 Oct 2016
|
0250hrs to 1345hrs
|
- Online Equity Trading (OET)
|
5 Nov 2016
to 6 Nov 2016 |
1000hrs to 1300hrs
|
- iB trading services
- Online Equity Trading (OET) |
digibank app | ||
|---|---|---|
Date
|
Maintenance Period
|
Services under Maintenance
|
23 Oct 2016
|
0000hrs to 0600hrs
|
System Maintenance
- Fast Funds Transfer to Other Bank (New/Existing Payee) - Adhoc Fast Funds Transfer to Other Bank |
23 Oct 2016
|
0000hrs to 0700hrs
|
- Token Replacement
- Token Registration |
23 Oct 2016
|
0250hrs to 0255hrs
0640hrs to 0645hrs |
- MCSA Funds Transfer, and Portfolio Enquiry
|
- wong chee tat :)
Subscribe to:
Posts (Atom)