The Singapore government has awarded a S$50m bulk tender (as reported by the Straits Times) for the provision of Distributed Denial of Service (DDoS) mitigation services to a consortium of six companies, as part of a three-year contract. The consortium will provide DDoS mitigation services to government ministries, government departments, organs of state, statutory boards and participating universities.
The consortium includes the two largest local telecom companies, Singtel and StarHub, Britain-based telco BT, and Singapore-based technology companies CHJ Technologies, Evvo Labs and Embrio Enterprises.
In a denial-of-service (DoS) attack the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. In a DDoS attack, the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.
The mitigation services are expected to ensure that the government websites remain accessible by the public in the event of DDoS attacks.
According to the inaugural “Singapore Cyber Landscape” report issued by the Cyber Security Agency of Singapore, more than 60 Command & Control (C&C) servers were detected in Singapore in 2016. Potentially, C&C servers could be used to control botnets – networks of compromised computers – that in turn could be mobilised for DDoS attacks.
Globally, in 2016, IoT devices like Wi-Fi routers and webcams were hijacked to launch DDoS attacks, such as the attack on Domain Name System (DNS) provider Dyn, which forms a part of the core infrastructure of the Internet. Over 80 organisations, including Twitter, Amazon, Airbnb, GitHub and Spotify, were affected.
StarHub’s Home Broadband Network suffered disruptions on October 22 and 24, 2016. These were initially thought to be DDoS attacks, but the Infocomm Media Development Authority (IMDA) said in April 2017 that, according to investigations, the disruptions were caused by a surge in legitimate Domain Name System (DNS) traffic.
In May 2017, unauthorised intrusions into the IT networks of the Nanyang Technological University (NTU) and the National University of Singapore (NUS) were detected. Based on investigations, both attacks were found to be the work of Advanced Persistent Threat (APT) actors. The affected universities were assisted with forensic investigations, incident response and measures to mitigate potential impact.
In February 2017, the Ministry of Defence (MINDEF) detected a breach in its I-net system (I-net). Investigations revealed that basic personal data, comprising NRIC numbers, telephone numbers, and dates of birth of around 850 servicemen and employees were stolen from I-net. However, no classified military information was lost as it is not stored in the I-net system.