Singapore university accounts breached; stolen credentials used to access research articles

Singapore university accounts breached; stolen credentials used to access research articles

SINGAPORE: Four Singapore universities have suffered cyberattacks, the Cyber Security Agency of Singapore (CSA) and Ministry of Education (MOE) said in a joint statement on Tuesday (Apr 3).

CSA and MOE said they received information about the breaches of at least 52 online accounts last week at the Nanyang Technological University (NTU), National University of Singapore (NUS), Singapore Management University and Singapore University of Technology and Design.

Based on investigations, the incident was a phishing attack where unsuspecting users were directed to a credential harvesting website. 

The credentials were then used to gain unauthorised access to the institutes’ library website to obtain research articles published by institutes’ staff, CSA and MOE said. 

There has been no evidence that sensitive information was extracted, and the incident does not appear to be linked to the Advanced Persistent Threat (APT) attacks on NUS and NTU last year, they added. 

"Phishing is a prevalent cyber threat in Singapore. CSA advises users to be vigilant and not click on unfamiliar links or attachments. Users should also refrain from providing personal information on unknown sites. If users have inadvertently provided their personal information, they should monitor their email accounts for unusual activity," CSA and MOE said in the statement. 

The authorities have been working closely with the universities on investigations and have advised them on incident response and the remediation measures to take, they said. 

The institutions have been instructed to run a check on their networks and have also stepped up their vigilance. Users have been advised to change their passwords immediately, they added. 

The breaches come amid charges by the US Treasury Department against a group of Iranians which was accused of hacking hundreds of universities worldwide on behalf of Iran's Revolutionary Guards. Court documents for the case allege that the hackers coordinated cyber attacks on university computer systems in 22 countries, including Singapore, at the behest of the Iran government. 

Iran has called the accusations "false" and slammed US sanctions against 10 of its citizens and an Iranian company over their alleged involvement in the scheme.

Source: CNA/mz(hm)