Iranian hackers target Singapore's top universities; NUS, NTU research data scanned

Singapore universities cyber attack
Singapore universities cyber attack (Representational picture) Pixabay

Four Singapore Universities were attacked by alleged Iranian hackers, who stole more than 31 terabytes of academic data and intellectual property from other institutions across the world.

Reports stated that Nanyang Technological University (NTU), National University of Singapore (NUS), Singapore University of Technology and Design and Singapore Management University informed Singapore's Cyber Security Agency (CSA) and Ministry of Education (MOE) about a breach of 52 staff accounts on Tuesday, April 3.

The Iranian hacking syndicate, which includes nine individuals, has been charged in the US for their bid to hack 144 US and 176 other universities across 21 countries, including Singapore-based institutions. The US Department of Justice said in a statement recently that these hackers are doing these crimes "under the instructions of the Iranian government", which Teheran has denied.

Singapore's Cyber Security Agency said that their officials have received information about the data breach last week and they soon conveyed this news to the ministry. The affected universities have stepped up their vigilance system and users have been advised to change their passwords immediately.

The primary investigation showed that the data breach was in the form of a phishing attack where all the staff were directed to a credential harvesting website to provide their login details. Later the credentials were used to gain illegal access to the institute's library website where the hackers looked for research articles published by the staff of the university.

The affected Singapore universities have issued a cyber-attack alert to all the staff, and asked them to reset their password. To secure the data, the universities have also carried out a scanning function of each computer in the premises, besides helping the official investigation into the cyber attack.

The US had on March 23, charged the Iranian hacking group with several counts of identity theft, fraud and conspiracy to commit computer intrusions. Reports also stated that the group has an alleged link with an Iran-based Mabna Institute that has conducted a coordinated campaign of cyber trespassing through computer systems since 2013.

In 2017, a hacking group broke into NUS and NTU's networks seeking government and research data, said CAS, which added that these hackers are not casual hackers but professionals. Both NUS and NTU have research arrangements with the government, as well as some projects related to defence, foreign affairs and transport sectors.