Four Singapore universities were targeted by an Iran-based hacking group that was able to compromise 52 staff accounts and more than 31 terabytes of sensitive academic data.
Reports suggest that the accounts from Nanyang Technological University, the National University of Singapore, Singapore Management University, and the Singapore University of Technology and Design were all affected by the breach.
The Iranian group, from which nine members have been charged in the United States, attacked the universities. The Cyber Security Agency of Singapore released a statement about the Singapore breach last week.
ESET senior research fellow Nick FitzGerald believes that the attacks were part of a global campaign that targeted universities around the globe.
Because universities contain intellectual property, they are attractive to cyber attackers who are looking to sell it for financial gain, or by state-sponsored actors looking to gain competitive advantage.
“These attacks against universities serve as a reminder that more cross-country collaboration is needed to stop attackers from gaining an upper hand as cyberattacks transcend national boundaries. More industries and governments should share information and best practices so that we have a more coordinated strategy when dealing with attacks on such scale,” FitzGerald says.
Staff at the four universities were targeted by a spear phishing attack. The attack encouraged users to enter their credentials into a fake website. Attackers then used those credentials to access staff data.
FitzGerald notes that because people fell for the attack, people are still the weakest link.
“More needs to be done to ensure all staff are regularly educated and updated about the latest cyber threats and how to protect themselves,” he comments.
“In addition, organisations should look to incorporate multi-factor authentication technology as an added layer of security. This would strengthen an organisation’s defence, especially against phishing attacks. A simple password can no longer be relied on as adequate protection against attackers. Whether it is biometrics, 2FA or other methods of authentication, multi-factor authentication technology is a stronger deterrent.”
FitzGerald says there are a number of signs that can indicate phishing attempts.