Iranian hackers breach Singapore universities to access research data

Believed to be part of last month's attacks against global education institutions, the hackers breached 52 accounts across four Singapore universities including NTU and NUS to gain access to research articles.
Written by Eileen Yu, Senior Contributing Editor

Iranian hackers have targeted four Singapore universities in a wave of attacks believed to be part of last month's security breach involving global education institutions.

At least 52 accounts were affected across the Nanyang Technological University (NTU), National University of Singapore (NUS), Singapore Management University, and Singapore University of Technology and Design, according to a joint statement Tuesday by Cyber Security Agency of Singapore (CSA) and Ministry of Education (MOE). The government agencies said they learnt of the breach last week.

Hackers had used phishing attacks to harvest credentials from affected staff members and used these to gain access to the institutes' online libraries and research articles published by the academic staff.

Based on their investigations, CSA and MOE said no sensitive data had been stolen and the attacks did not appear to be linked to the APT attacks against NUS and NTU last year.

They were, however, believed to be part of last month's attacks against education institutions worldwide including 144 universities in the US, after which the US Deputy Attorney General unveiled a series of indictments and financial sanctions against Iranians. The US government had identified nine Iranians thought to be part of the cyberattacks.

The Singapore universities had been told to run checks on their networks and users urged to change their passwords.

"Phishing is a prevalent cyber threat in Singapore. CSA advises users to be vigilant and not click on unfamiliar links or attachments," the government agencies said. "Users should also refrain from providing personal information on unknown sites. If users have inadvertently provided their personal information, they should monitor their email accounts for unusual activity."

Editorial standards