SINGAPORE (April 24): The Infocomm Media Development Authority (IMDA) says StarHub’s home broadband network disruptions in October last year were caused by a surge in legitimate Domain Name System (DNS) traffic, and not a Distributed Denial of Service (DDoS) attack as initially suspected.

In a press release on April 21, IMDA says its in-depth investigation, held together with the Cyber Security Agency of Singapore (CSA), “did not uncover any evidence to suggest that the cause of the incidents was a DDoS attack on StarHub’s network infrastructure”.

Instead, further analysis showed StarHub’s home broadband infrastructure was overloaded due to a higher-than-usual increase in traffic largely driven by legitimate DNS requests.

“The intermittent failure of the DNS servers to respond to some requests resulted in repeated retries from affected customers and could have exacerbated the situation,” IMDA says.

IMDA says it has warned StarHub over the incidents, and will not hesitate to take sterner action should a similar incident happen in future.

IMDA notes that the telco has since taken the necessary steps to mitigate future risks, including boosting its home broadband DNS server capacity and enhancing traffic monitoring.

However, it has ordered StarHub to engage an independent expert to undertake a review of its DNS and other associated infrastructure.

The disruptions last year affected some StarHub home fibre broadband customers in several parts of Singapore.

Affected customers encountered intermittent difficulties accessing the internet for 130 minutes on Oct 24 and for 55 minutes on Oct 24.

“We assure our customers and the regulator that we will continuously review our security posture and enhance network resilience in partnership with network and security providers,” StarHub says in a media statement on Friday.

As at 1.15pm, shares of StarHub were trading flat at S$2.78.