Singapore’s universities have become the latest victims for the Iranian hackers with 52 staff accounts being breached.
The island-state’s four universities namely, National University of Singapore (NUS), Nanyang Technological University (NTU), Singapore Management University (SMU) and Singapore University of Technology and Design (SUTD), had reportedly came under attacked from an alleged Iranian hacking syndicate.
Not just Singapore, the whole world is targeted
Apparently, Singapore’s universities formed just one small part of the global ambitions of the alleged Iranian hackers, which were believed to build a hit list of at least 21 countries’ academics institutions.
This infamous global campaign was first uncovered by US Department of Justice which charged nine Iranians reputedly for attempting to hack 144 US and 176 foreign universities back in 23 March 2018.
The statement released by the US Department of Justice did suggest that this group of Iranian hackers had the backing of the state and linked to Iran-based firm named Mabna Institute. The hack in US drawn some similarities with the latest data breach in Singapore as the hackers targeted research papers and data across all disciplines of science and technology, medical, engineering and so on.
According to US Department of Justice, a total of 8,000 professor accounts worldwide were breached by the Iranian hackers, with nearly half or 3,768 accounts belonged to academics from US-based universities. The stolen data were believed to use to benefit the agendas of the Iran’s Revolutionary Guards.
Counter-measures taken by Singapore
In response, Cyber Security Agency (CSA) of Singapore urged the universities’ personnel to change their passwords immediately and run checks on their networks. Upon further investigation, the CSA explained that hack came as a form of phishing attack in asking users to enter in their account credentials.
These personal information were later used to gain unauthorized access in the universities’ library website to download research papers and publications. CSA stated that it will conduct further investigation and claimed that no sensitive information was being extracted through the incident.
The HackwareNews team understands that the phishing attack is hard to prevent and often it will take collective efforts for all stakeholders of organization to act together.
On the personnel level, the user can practice vigilance on emails and not opening unfamiliar links and attachments. Moreover, the user is also advised not to post any personal data like address, phone number, birthday and holiday plans via social media which can be used against them to the hackers’ advantages. Individual user can also check the spellings of URL and adopting best practices in identifying the phishing attacks.
On the organization front, the company or institution can engage the services of pen-testing firms to identify vulnerability in information system and use the findings to create awareness and rectify them.