"This is not the first time we've
experienced DoS attacks, but the latest series of attacks
-- which began around early March -- has been the worst
and most frequent we've experienced so far.
"They've caused congestion and the
slow data rates experienced by Streamyx subscribers, as
well as problems with authentication," he said.
According to Baharum, when TM Net
support staff resets one part of the system which had
hung, the attack would resume again soon after on another
part of the system.
"We've been having sleepless nights
trying to solve the problems caused by these attacks,
which come in rapid succession," he said.
Baharum claimed TM Net had isolated
the problem yesterday night, and will be working over the
weekend to analyse it in detail to try and identify the
source or sources of the attacks.
So far, the attacks seem to be
coming from various local and overseas IP (Internet
Protocol) addresses, but TM Net believes the addresses it
has identified are surrogate addresses used to disguise
the identity of the actual culprit or culprits.
The company had not filed a police
report as at press time, citing the need to gather more
accurate information first, a TM Net spokesman later told
In.Tech.
Being picked on
Baharum would not speculate on
whether the recent attacks were politically motivated
because of Malaysia's stand against the possible US attack
on Iraq and the anti-war resolution adopted by the
Non-Aligned Movement (NAM) meeting in Kuala Lumpur last
month.
As for why only TM Net's Streamyx
service was being targeted, and not its ISDN (Integrated
Services Digital Network) or dialup services, TM Net
engineers believe that it's because Streamyx uses a lot
more hardware and software. It also goes through a digital
subscriber line access module (DSLAM) and Telekom
Malaysia's COINS network.
Thus, Streamyx presents more targets
for malicious parties to attack.
"Moreover, with Streamyx being
always-on, and especially with home users generally not
taking the same precautions to install firewalls and other
such protective measures, their computers are easy prey
for attackers who can make their PCs surrogate sources of
attack without their knowledge," said Baharum.
Broad swathe of complaints
The Streamyx service has been under
constant fire from irritated consumers since it was
launched last June. Almost all aspects of the service have
been heavily criticised -- from the long delays in
processing applications and finally getting the service
installed, to billing irregularities and the intermittent
service quality.
TM Net had called the emergency
press conference today after In.Tech had presented
excerpts from many readers' letters to Energy,
Communications and Multimedia Minister Datuk Amar Leo
Moggie, who had officiated at the groundbreaking ceremony
for the Malaysian Communications and Multimedia
Commission's new building in Cyberjaya (see Star
Business today) yesterday.
Two readers spoke about the slow
Streamyx service, the difficulty in getting through to
Streamyx customer support at 1-300-88-9515, and the
support staff's inability to provide sensible answers.
"Streamyx service had been fine
since I started using it about three months ago, but
within the last two weeks it's been as slow -- if not
slower -- than a 56 Kbps modem," said Mohamed Ridzuan
Abdullah, who installed Streamyx in his apartment in Taman
Seputeh near Brickfields, Kuala Lumpur.
Another reader, an IT officer with a
securities firm in Shah Alam, complained that his company
headquarters and its three branches all experienced
instabilities with Streamyx service, which took a turn for
the worst and went down for six days beginning Feb 28.
Both readers complained bitterly
about the difficulty in getting through to the Streamyx
helpline, and of not getting any sensible answers when
they eventually did.
According to Baharum, TM Net's
Streamyx servers in Brickfields -- which serve about 400
subscribers (about 2% of its Streamyx subscriber base) --
was the worst affected by the attacks.
Like a traffic jam in one part of
town affecting traffic elsewhere, the congestion in
Brickfields caused slowdowns in other parts of the system,
which was what was experienced by users in Shah Alam and
other places.
"Our callcentre has been receiving
5,000 calls per day, which had overwhelmed the ability of
its 100 agents to handle -- this is why callers had to
wait so long for a reply," said Baharum.
"We apologise for the inconvenience
caused by these attacks and we are considering customer's
requests that we reimburse them for the drop in our
service resulting from these attacks," he added.
