The Cyber Security Agency (CSA) of Singapore was surprised that tech giant IBM pointed to online traffic in Singapore as the source of attacks that has caused the collapse of a web site in Australia, saying it was “strange that IBM Australia reached such a conclusion” without notifying CSA prior the issue.
Yesterday (25 Oct), news media reported that IBM, the lead contractor for the Australian Bureau of Statistics (ABS) website, apologised at a senate inquiry in Australia over the 9 August site’s 40-hour shutdown and stated the cause was due to a distributed denial-of-service (DDoS) attack from Singapore.
A DDoS attack is done by flooding servers with Internet requests, overwhelming it and subsequently disables websites temporarily. Kerry Purcell, the managing director of IBM Australia and New Zealand told Reuters that the attacks were originated from a router in Singapore.
CSA said in a press statement yesterday, “We are surprised at media reports on IBM Australia’s assertions that the majority of international traffic which caused the crash of the (ABS) census website originated from Singapore.”
“For matters of such nature, it is usual practice for national Computer Emergency Readiness Teams (Certs) to make inquiries and seek assistance from one another. In this instance, our SingCert was not informed of any such attack by Cert Australia. We were also not approached at any point. As such, it is strange that IBM Australia reached such a conclusion.”
The agency said, “There may have been possible misunderstanding in the news reporting of this issue, which incorrectly attributed the DDoS attack source to Singapore. We are ready to assist the Australian authorities where required.”
CSA also said that it has contacted Cert Australia and was told that there was some internal ABS infrastructure hosted in Singapore.
Singapore had also recently experienced internet breaks down twice within three days.
StarHub had said on Tuesday (25 October) that according to the inspection and analysis of network logs from the home broadband incidents on 22 and 24 October, it was caused by intentional and likely malicious DDoS attacks on its DNS.