Starhub connectivity was disrupted twice in two days.
Starhub mentioned that the disruption was caused by their subscribers who used unauthorised third party devices such as broadband routers and webcams. These devices were infected with malware and turned into instruments that streamed illegitimate traffic to the DNS, resulting in an overload that disrupted Web connection for broadband users.
It was an attack on our infrastructure.
As Singapore prepares itself to be a smart nation by aggressively increasing its infrastructure to harnesses the power of networks, data and info-comm technologies to improve living, create economic opportunity and build a closer community, we must not forget that a Smart Nation is built not by Government, but by all of us – citizens.
Judging by the comments when the internet went down – Singaporeans still have some way to go to become worthy of a smart nation.
I strongly believe that Singaporeans are better than this.
For the sake of our Smart Nation future, we are, spoon-feeding you some recommended actions. (via SingCERT) and take responsibility for protecting our own infrastructure.
Securing your Internet-connected devices is critical to protecting your own system. It also helps to ensure that your Internet-connected devices at home are not inadvertently part of a network of “bots” that can be activated to attack others.
We recommends taking the following steps to safeguard yourselves and in turn, the Internet and Singapore:
- Check for software updates regularly and install them: If your device, such as the Wi-Fi router, has a firmware update available, install it immediately. If you have fallen behind on operating system updates, consider activating fully automatic updates so you won’t forget again. A hole that could be patched is a hole that should be patched.
- Turn off remote access to your Internet-connect devices like cameras and printers: Some connected devices allow others to access it from a location away from you. That may be useful for troubleshooting, but crooks will exploit that gap to enter your system or network. Check that your device allows you to block such remote access, and turn on that option.
- Change all device passwords so you don’t have any defaults. Many devices come pre-configured with usernames and passwords such as “admin” or “password” respectively. These can easily be found by hackers and by malware like Mirai. A default password is as bad as no password, thus it is important for you to change the default password immediately.
- Scan your own network for security holes. For advanced users, there are tools such as Nmap can help you find holes before the crooks do.