Local universities under cyber attack
Image by Pixabay
Malware was discovered to have been introduced into the computer systems of local universities earlier in April.
The National University of Singapore (NUS) and Nanyang Technological University (NTU) detected intrusions into their IT system in April, originating from “Advanced Persistent Threats” (APTs).
These attacks were not coordinated or linked from the same source.
The Cyber Security Agency (CSA) and Ministry of Education (MOE) have since been notified and have been working with the tertiary institutes.
Acquiring government and research data are the suspected motives for the malicious activities.
An overseas group, possibly with state interference have been identified but are unnamed for security reasons.
The dwell time of these malware are undisclosed. On average, it can take up to 230 days or longer for organisations to detect any breaching of their security.
This is due to the nature of APTs, which use soft tactics like “lurking” to avoid detection over long periods of time.
They are designed for international sabotage and usually include covert state actors.
Their main objectives include restricted intelligence from military, economic and political sectors.
According to Mr Yaacob Ibrahim, Communications and Information Minister, the situation has been contained. He also urged the public to be vigilant and practice good cyber hygiene.
On the CSA official website, a press release has been released on 12 May, stating that “There is no evidence that information or data related to students was being targeted.”
NUS and NTU have adopted preventive measures and increased additional security.
Public users should equip themselves with basics such a using firewalls and anti-virus software.
Suspicious emails with links and instructions are to be avoided.