Singapore ISP Leaves 1,000 Routers Open to Attack
Southeast Asian telcom giant Singapore Telecommunications Limited left approximately 1,000 customer routers wide open to a potential attack via an unprotected port. The flub occurred after the region’s largest ISP conducted remote maintenance on affected routers and failed to secure equipment when the work was complete, according to NewSky Security.
“The root cause was that port forwarding was enabled by the SingTel customer service staff to troubleshoot WiFi issues for their customers and it was not disabled when the issues were resolved,” said Ankit Anubhav, principal security researcher at NewSky Security, who discovered the security lapse last week.
NewSky Security alerted the region’s Singapore Computer Emergency Response Team (SingCERT) that worked with Singapore Telecommunications Limited (SingTel) to resolve the issue.