DBS Bank suffers worst outage in a decade
When DBS Bank suffered an outage a few days ago, many of its customers in Singapore began panicking as they were unable to complete their transactions. The outage is the biggest disruption suffered by the bank since a major glitch over a decade ago.
For financial institutions like banks, any form of an outage is simply unacceptable. Thousand of consumers rely on the bank’s digital services and were left fuming as transactions and online banking matters could not work.
According to a report by The Straits Times, the disruption began on Tuesday morning as stated by outage monitoring website Downdetector. While the bank was able to sort the problem, the outage occurred again the next day, resulting in almost 15 hours of outage.
In a video message to customers, DBS Singapore Country Head Shee Tse Koon provided an update on the disruption in the bank’s digital banking services. “We have since been working round the clock, together with our third-party engineering providers, to fix the problem.”
As one of Southeast Asia’s largest banks, DBS Bank is known for using new technologies in its financial systems. It recently announced that its digital asset ecosystem, anchored by the DBS Digital Exchange, has enjoyed strong business momentum since it went operational 24/7 in August this year. DBS also recorded over SGD 600 million in digital assets under custody as of the end of October, triple the amount recorded in the previous month.
The bank also announced that it will invest SGD300 million next year to grow the breadth and depth of its digital and Intelligent Banking capabilities powering all products and solutions for wealth and retail customers. The investment will go towards enhancing tech infrastructure and talent, embedding Intelligent Banking predictive technology in more financial solutions to better empower self-directed customers, and scaling the bank’s capabilities across both online and offline touchpoints across the region.
While the bank outage has been resolved, the reality is, outages can happen. The Monetary Authority of Singapore (MAS) said it will consider taking “supervisory action” on DBS for the disruption, Reuters reported.
“This is a serious disruption and the Monetary Authority of Singapore (MAS) expects DBS to conduct a thorough investigation to identify the root causes and implement the necessary remedial measures,” Marcus Lim, an assistant managing director from the banking and insurance team at MAS, said in a statement.
Dealing with bank outage
To understand more about the bank’s outage, Tech Wire Asia caught up with Kevin Reed, Acronis CISO, and Alex Ivanyuk, Acronis Technology Director. Both of them explained how the bank could have dealt with the issue.
“For a renowned bank, like DBS, to have some services down for more than 24 hours – with none of the services available at some point – is quite unacceptable. In my experience of technical firefights, the worst-case scenario is recognized fairly quickly. Given how long it takes to resolve this issue (still being resolved), they may be still trying to locate the problem,” said Kevin.
Since DBS hasn’t shared much info about what happened, Kevin thinks the issue could be with their authentication systems. It’s hard for him to tell, but a system upgrade or some external event could be causing a significant overload of the authentication platform, leading to its malfunctioning. Many users have reported the issue, the access is sporadic, signs of an overload. Many similar events happened in the past, DDoS attacks are often the cause of system overload and not responding to legitimate user requests.
Kevin also pointed out that in the 21st century, banks need to modernize their infrastructure with advanced technology, including cyber protection – having a capable tech team helps achieve just that and be on top of the problem.
“As per stated on their website: “maintenance for Services involving foreign exchange is scheduled daily from 5am-6am”. Running scheduled maintenance that can possibly cause downtime – it’s simply not done in our day. Many sites have figured out how to upgrade without disrupting the operations by now,” added Kevin.
For Alex, this is not the best example of crisis handling. Not only the bank services were down, but customer support functions also weren’t working, and there was no announcement on any public DBS channel until hours later.
“That being said, in my experience, no bank is much better at that – and DBS is not the first bank to face such issues. Banks are known to still use outdated, legacy systems – especially if they were founded long ago. Large US banks are known to use COBOL and mainframes, but they are not exactly technological power horses, to say the least,” noted Alex.
Alex also commented that it’s not just the banking industry that can have outages. Transportation, telecom to some extent, manufacturing, industrial (like plants, various controls, etc), even military – many of them still rely on legacy systems, which poses a problem internally (to employees) and externally (to customers). This also makes them exposed to cybersecurity threats.