SINGAPORE: More stress tests and stricter change management controls are some of the measures telecommunication operators can take to minimise instances of mobile service outages, said experts.
Singtel customers reported connectivity issues on three consecutive days last week, as well as Monday (Mar 23) this week.
Professor Anthony Tung from the National University of Singapore’s School of Computing said that telcos could conduct more stress tests and implement better real-time monitoring of systems.
“Operators need earlier warning signs. Better real-time monitoring and anomaly detection, including AI tools where useful, can help spot unusual behaviour before it becomes a larger disruption,” he added.
CNA Games
Show More Show Less
On Mar 19, Singtel Singapore CEO Ng Tian Chong apologised for the outages and said that the disruption that occurred on the first day - lasting more than nine hours - was due to a "mechanical fault".
Separately, on Mar 17, about 2,000 customers faced mobile connectivity issues due to “a software bug from an earlier pre-planned IT system upgrade”.
Following those disruptions, the company carried out some network reconfigurations to further stabilise and optimise performance, Mr Ng added.
During this process, there was a brief spike in network traffic at around 5.30pm on Mar 18. However, he said that this was resolved within about an hour.
Mr Ng added that these events were unrelated to one another.
Ms Asha Hemrajani, who has worked in the telecommunications industry for over two decades, said that outages are generally not uncommon, and some of them can be prevented from a governance and design perspective.
She said it is important for telcos to conduct more forced failure testing and system failure simulations, not just audits, in order to discover if their networks have any points of failure.
“That’s for operators to figure out what could possibly go wrong and take steps for prevention,” said Ms Hemrajani, who is now a senior fellow at the S Rajaratnam School of International Studies (RSIS).
It is also important to have strict controls for managing changes within a system, such as software upgrades, she added.
Associate Professor Eric Kwon, who is from Nanyang Technological University’s business school, said that it is important to have tighter change management and maintenance discipline, because many outages have been linked to migrations, upgrades, configuration changes or delayed firmware action.
Ms Camellia Chan, CEO of cybersecurity firm Flexxon, said that reducing disruptions requires both sound engineering and deliberate governance.
“On the engineering front, the fundamentals remain: build redundancy, control change, and test failover regularly with scenario-based exercises.
“The goal is not zero incidents - that is unrealistic - but ensuring systems fail safely and recover quickly, even when issues happen in quick succession or involve different parts of the ecosystem,” she said.
Ms Chan added: “But engineering decisions do not exist in a vacuum. Governance structures determine how systems are designed, who is accountable when failures occur, and whether recovery is treated as a first-class concern rather than an afterthought.
“Regulators and operators both have a role in setting those expectations clearly.”
In December last year, Singtel was fined S$1 million for a landline disruption in 2024 that affected half a million users. More than 500,000 users were affected for more than four hours, including the public’s access to customer service lines for some government agencies, healthcare organisations, banks and companies.
Emergency call services were also affected.
In 2020, the Infocomm Media Development Authority (IMDA) fined StarHub S$210,000 and M1 S$400,000 for internet disruptions during the COVID-19 circuit breaker.
Given how interconnected the world is today, service outages can lead to serious real-world consequences, experts told CNA.
“The stability of telcos is very important because we’ve become a digital society,” said Ms Hemrajani.
“The interdependency is the risk, it’s not just the telco, it's what the telco (services) can do, such as give us access to financial systems, government e-services."
Prof Tung said that the impact of outages goes well beyond calls and text messages.
“Many people now rely on mobile networks as their primary means of accessing the internet – for payments, transport, work, and everyday services.
“So even if the wider internet remains functional, mobile network disruptions can render many of these services effectively inaccessible to users,” he said.
“That is why an outage can quickly disrupt daily life and business activities. It is also a
reminder that important services and organisations should not rely on a single access
channel, but should have fallback options in place.”
He added that telcos need to be regarded as a key part of “national resilience” from both a security and an operational standpoint.
“Telecommunications are high-concentration infrastructure. They underpin communications for consumers, enterprises, and critical services simultaneously, which means risks and impacts are highly concentrated in one place,” added Ms Chan.
“When something goes wrong - whether through a cyberattack, a configuration error, or a supply-chain compromise - the consequences ripple across the entire ecosystem at once.”
On the cybersecurity front, it was revealed earlier this year that all four of Singapore’s major telcos were the targets of a cyberattack by UNC3886. However, the authorities said that there is no evidence so far that any sensitive customer data was stolen.
Mr Affandy Johan, an industry analyst from Ookla, a company that specialises in internet testing and analysis, said that telcos are “inevitably high-value targets”.
“This is not specific to Singapore. Telcos serve as the connectivity layer for every other critical infrastructure sector, making them a strategic focus for sophisticated threat actors worldwide,” he said.
“What stands out about Singapore is the effectiveness of its response … Singapore's detection and containment compares favourably to experiences in other markets where similar intrusions persisted for significantly longer periods before discovery.”
Last month, it was announced that the government will help critical information infrastructure owners (CIIOs) defend against cyberattacks with new measures, including equipping them with proprietary threat detection systems.
The proprietary tools, developed by the Centre for Strategic Infocomm Technologies (CSIT), will complement commercial threat detection systems used by CIIOs. The CSIT is a technical agency in the Ministry of Defence.
Singapore’s 11 CII sectors are energy, water, banking and finance, healthcare, land transport, maritime, aviation, infocomm, media, security and emergency services and government.
In response to queries from CNA on safeguards to prevent service disruptions, StarHub said cybersecurity remains a “critical priority” and that it will continue to strengthen capabilities to safeguard customers and infrastructure.
“We take our role in safeguarding Singapore’s critical infrastructure seriously and work closely with relevant authorities. As a Singapore company, we remain committed to supporting broader national resilience efforts,” said the telco spokesperson.
Simba said that it has “service resiliency systems” in place and a 24/7 team monitors the network.
“We have been working closely with CSA and IMDA on all matters relating to cybersecurity,” added the telco.
Singtel did not respond to CNA’s queries.
Continue reading...
Singtel customers reported connectivity issues on three consecutive days last week, as well as Monday (Mar 23) this week.
Professor Anthony Tung from the National University of Singapore’s School of Computing said that telcos could conduct more stress tests and implement better real-time monitoring of systems.
“Operators need earlier warning signs. Better real-time monitoring and anomaly detection, including AI tools where useful, can help spot unusual behaviour before it becomes a larger disruption,” he added.
CNA Games
Show More Show Less
On Mar 19, Singtel Singapore CEO Ng Tian Chong apologised for the outages and said that the disruption that occurred on the first day - lasting more than nine hours - was due to a "mechanical fault".
Separately, on Mar 17, about 2,000 customers faced mobile connectivity issues due to “a software bug from an earlier pre-planned IT system upgrade”.
Following those disruptions, the company carried out some network reconfigurations to further stabilise and optimise performance, Mr Ng added.
During this process, there was a brief spike in network traffic at around 5.30pm on Mar 18. However, he said that this was resolved within about an hour.
Mr Ng added that these events were unrelated to one another.
Related:
Ms Asha Hemrajani, who has worked in the telecommunications industry for over two decades, said that outages are generally not uncommon, and some of them can be prevented from a governance and design perspective.
She said it is important for telcos to conduct more forced failure testing and system failure simulations, not just audits, in order to discover if their networks have any points of failure.
“That’s for operators to figure out what could possibly go wrong and take steps for prevention,” said Ms Hemrajani, who is now a senior fellow at the S Rajaratnam School of International Studies (RSIS).
It is also important to have strict controls for managing changes within a system, such as software upgrades, she added.
Associate Professor Eric Kwon, who is from Nanyang Technological University’s business school, said that it is important to have tighter change management and maintenance discipline, because many outages have been linked to migrations, upgrades, configuration changes or delayed firmware action.
Ms Camellia Chan, CEO of cybersecurity firm Flexxon, said that reducing disruptions requires both sound engineering and deliberate governance.
“On the engineering front, the fundamentals remain: build redundancy, control change, and test failover regularly with scenario-based exercises.
“The goal is not zero incidents - that is unrealistic - but ensuring systems fail safely and recover quickly, even when issues happen in quick succession or involve different parts of the ecosystem,” she said.
Ms Chan added: “But engineering decisions do not exist in a vacuum. Governance structures determine how systems are designed, who is accountable when failures occur, and whether recovery is treated as a first-class concern rather than an afterthought.
“Regulators and operators both have a role in setting those expectations clearly.”
In December last year, Singtel was fined S$1 million for a landline disruption in 2024 that affected half a million users. More than 500,000 users were affected for more than four hours, including the public’s access to customer service lines for some government agencies, healthcare organisations, banks and companies.
Emergency call services were also affected.
In 2020, the Infocomm Media Development Authority (IMDA) fined StarHub S$210,000 and M1 S$400,000 for internet disruptions during the COVID-19 circuit breaker.
Related:
Given how interconnected the world is today, service outages can lead to serious real-world consequences, experts told CNA.
“The stability of telcos is very important because we’ve become a digital society,” said Ms Hemrajani.
“The interdependency is the risk, it’s not just the telco, it's what the telco (services) can do, such as give us access to financial systems, government e-services."
Prof Tung said that the impact of outages goes well beyond calls and text messages.
“Many people now rely on mobile networks as their primary means of accessing the internet – for payments, transport, work, and everyday services.
“So even if the wider internet remains functional, mobile network disruptions can render many of these services effectively inaccessible to users,” he said.
“That is why an outage can quickly disrupt daily life and business activities. It is also a
reminder that important services and organisations should not rely on a single access
channel, but should have fallback options in place.”
He added that telcos need to be regarded as a key part of “national resilience” from both a security and an operational standpoint.
“Telecommunications are high-concentration infrastructure. They underpin communications for consumers, enterprises, and critical services simultaneously, which means risks and impacts are highly concentrated in one place,” added Ms Chan.
“When something goes wrong - whether through a cyberattack, a configuration error, or a supply-chain compromise - the consequences ripple across the entire ecosystem at once.”
HIGH-VALUE TARGETS
On the cybersecurity front, it was revealed earlier this year that all four of Singapore’s major telcos were the targets of a cyberattack by UNC3886. However, the authorities said that there is no evidence so far that any sensitive customer data was stolen.
Mr Affandy Johan, an industry analyst from Ookla, a company that specialises in internet testing and analysis, said that telcos are “inevitably high-value targets”.
“This is not specific to Singapore. Telcos serve as the connectivity layer for every other critical infrastructure sector, making them a strategic focus for sophisticated threat actors worldwide,” he said.
“What stands out about Singapore is the effectiveness of its response … Singapore's detection and containment compares favourably to experiences in other markets where similar intrusions persisted for significantly longer periods before discovery.”
Last month, it was announced that the government will help critical information infrastructure owners (CIIOs) defend against cyberattacks with new measures, including equipping them with proprietary threat detection systems.
The proprietary tools, developed by the Centre for Strategic Infocomm Technologies (CSIT), will complement commercial threat detection systems used by CIIOs. The CSIT is a technical agency in the Ministry of Defence.
Singapore’s 11 CII sectors are energy, water, banking and finance, healthcare, land transport, maritime, aviation, infocomm, media, security and emergency services and government.
In response to queries from CNA on safeguards to prevent service disruptions, StarHub said cybersecurity remains a “critical priority” and that it will continue to strengthen capabilities to safeguard customers and infrastructure.
“We take our role in safeguarding Singapore’s critical infrastructure seriously and work closely with relevant authorities. As a Singapore company, we remain committed to supporting broader national resilience efforts,” said the telco spokesperson.
Simba said that it has “service resiliency systems” in place and a 24/7 team monitors the network.
“We have been working closely with CSA and IMDA on all matters relating to cybersecurity,” added the telco.
Singtel did not respond to CNA’s queries.
Continue reading...