All 21 DBS hacking victims were broadband users
Broadband's fixed charges lead many to leave PCs logged on permanently
By Catherine Ong , Business Times
12 Jul 2002


(SINGAPORE) All 21 DBS Bank customers whose computers were recently hacked into and their funds illegally transferred out had one common link - they were users of broadband services.

A police spokeswoman yesterday told BT: 'Yes, they were all broadband users.' She declined to give further details pending the completion of investigations.

The 21 customers lost a total of $62,000 on June 19 in the widely publicised online banking fraud. Their accounts were hacked into by a 30-year-old Chinese national who captured their user-identification codes and passwords by means of a Trojan Horse program.

In less than two hours, the thief transferred between $200 and $4,999 from each account to his own DBS account, withdrew the money at the branch and skipped town.

Broadband services provided by SingTel, Singapore CableVision (SCV) and Pacific Internet allow users to access the Internet at high-speed connections, often 10-20 times faster than a traditional dial-up service.

Computer experts said broadband users are more vulnerable to hacking because many of them leave their Internet connections on when not in use. This is because broadband service providers charge a fixed rate every month regardless of usage.

Both SingTel and SCV said they have not been contacted by the police to help in the investigation.

Thomas Ee, SCV's senior vice-president for broadband engineering services, noted: 'We've always told our customers that they should install firewall especially if they are going to keep their computers on all the time.'

As an added precaution, the SCV's website advises its subscribers to:


disable their file and printer-sharing options in their operating system
not run programs that already have security problems
download free firewall software like Zonealarm; and
install anti-virus software and update the program regularly.
Mr Ee pointed out that once a user is logged on to the Internet, the risks of a hacker attacking his system is the same whether he is using a dial-up or a broadband connection, and whether his broadband is via SCV's cable modem's shared network or SingTel's ADSL technology.

But if a user keeps his connection live even when he is not surfing the Net, he is more vulnerable than someone who switches off his computer after use.

Responding to queries, SingTel said in a statement that it is common knowledge that once a computer is connected to the Internet, it is vulnerable to threats of malicious acts.

'To minimise exposure to such threats, users need to keep their computer systems secure. SingTel has its own firewall protection for our services. Nevertheless, we would suggest that users install security software or firewall to protect their computers and check computer logs regularly for unusual activities.'