Singaporean ISP (Internet service provider) SingNet has admitted that it carried out scans over the past week on the computer systems of 200,000 of its subscribers without their knowledge.
The scanning, which was detected by a subscriber who had fitted her computer with antihacking software, was to prevent a recurrence of a case in March where hackers were able to obtain passwords from 17 subscribers by hacking into their systems, SingNet said. The scanning was carried out by IT experts from the Ministry of Home Affairs, which had helped crack the March hacking case.
The admission by SingNet drew some angry comment in online newsgroups about privacy violation, with contributors urging subscribers to switch to other ISPs.
In a statement released late Friday, Paul Chong, chief executive officer of Singapore Telecommunications' multimedia division, which runs SingNet, said there had been no invasion of customers' privacy and that the ISP only had customers' best interests at heart.
Chong said that SingNet regretted not informing customers before the exercise, but said the ISP did not want to alert hackers, or to unduly alarm its customers. The scanning program used was not a hacking tool and has no ability to enter any computer system, but is rather a defensive measure to look for security loopholes, Chong said.
The scan checked computer systems' vulnerability to so-called Trojan horse attacks, SingNet said. Trojan horse attacks allow a hacker to capture passwords by identifying keystrokes, and enable the hacker to gain access to a person's PC and get content for illegal purposes.
The Singaporean ISP apparently used NetBus and Back Orifice scanning software, which was then detected by a law student who had Jammer antihacking software installed on her system, local press reported. Alarmed, the student contacted SingNet, who told her it was responsible for the intrusion, press reports added. Trojan horse Back Orifice was developed last year by hacker group Cult of the Dead Cow.
SingNet said it discovered that 900 computers were infected with Trojan horse viruses in one week's scanning and would inform their owners by e-mail. The ISP has stopped the scanning while it seeks subscribers' views on such preventive scanning measures, SingNet said. The ISP said it will call upon the independent National Internet Advisory Committee to certify that its scanning exercises are not intrusive.
The other two ISPs in Singapore, Cyberway Pte. Ltd. and Pacific Internet Pte. Ltd., responded by placing gaudy advertisements on their Web sites for virus detection software such as Jammer, Private Desktop, NukeNabber and Anti-Gen.
More information about SingNet can be found on the World Wide Web at http://www.singnet.com.sg/.