By Richard Pain
Nov. 16, 2016
14 July 2016: Singapore Exchange Suffers It's Longest Trading Outage
Trading of securities on the Singapore Exchange (SGX) was shut early on 14 July after a suspension was imposed at 11.38am due to a hardware issue. Failing to follow through on two pledges to reopen, the market remained closed for the rest of the day and resumed trading the following morning. Following the outage, Singapore Exchange CEO, Loh Boon Chye stated: "Our recovery time has to be better and we must minimise downtime for market participants".
Cause: An unreported hardware issue.
Downtime: Over 5 hours.
Significance: Disrupted trading to Southeast Asia's largest stock market.
9 August 2016: Australia's eCensus Hit by Major DDoS Attack
Thousands of Australians were prevented from taking part in the census due to a major DDoS attack, which led to a hardware failure, the overload of a router and a false alarm about the attack.
Cause: Lack of DDoS protection.
Downtime: 43 hours.
Significance: The collapse of the website caused embarrassment for the Australian government and caused outcries from citizens and the opposition.
22 and 24 October 2016: StarHub's Broadband Service Hit by DDoS Attacks
Following the massive internet disruption in the U.S. on 21 October, Singapore telco StarHub reported two DDoS attacks which forced some of its home broadband users offline. StarHub reported that the attacks were "unprecedented in scale, nature and complexity". It went on to add: "On both occasions, we mitigated the attacks by filtering unwanted traffic and increasing our DNS capacity, and restored service within two hours. No impact was observed on the rest of our services, and the security of our customers' information was not compromised." This was the first cyberattack of nature the affect Singapore's telco infrastructure.
Cause: DDoS attacks from malware-infected routers and webcams.
Downtime: Two hours.
Significance: Temporary downtime and brand damage.
While these incidents represent just a handful of examples throughout 2016, it's worth asking whether there's an underlying factor leading to these incidents.
The first point to mention is (as we all know), due to human nature and the ongoing battle between cyber-attacks and defences, nothing is 100 percent secure or reliable. So whether an IT disruption is caused by a malicious attack, a power outage or a software failure, it's not just a matter of trying to avoid it in the first place, but how quickly you can recover from it. In each of the cases above, the organisations were able to recover following the outage, but not fast enough to avoid backlash and reputation damage due to the downtime.