At least two NUS computers compromised in new attacks
Hackers hit university systems via spear phishing
A fresh round of cyber attacks has been made on National University of Singapore (NUS) computers, weeks after the discovery that hackers had broken into its networks - and those of the Nanyang Technological University - to steal government and research data.
The Straits Times learnt the attacks this week compromised the computers of at least two staff members, including a researcher involved in a security project funded by the Defence Ministry.
NUS Computer Science research fellow Prosanta Gope's computer was hacked on Tuesday after he clicked on a link in a "spear phishing" e-mail from a colleague whose computer was also hacked.
Dr Gope's account was in turn used to send out more phishing e-mails to other colleagues.
Spear phishing is the fraudulent practice of sending e-mail ostensibly from a known or trusted sender to trick targeted individuals to reveal confidential information, click on malware-infected links or open infected attachments.
The phishing e-mail sent from Dr Gope's account read: "Your NUS email account has been blacklisted and you are required to verify your account."
The message was signed off by "NUS Admin Team" and a link provided for unsuspecting users to click.
When contacted, an NUS spokesman said the phishing attempts were not related to the attacks discovered last month, or the global WannaCry ransomware attack.
"We did not find signs of malware or data loss," she said, declining to provide details.
She said access to the phishing website has since been blocked and passwords changed. "The NUS community receives regular advisories on good cyber and information security practices, including how to spot and report phishing emails," she said.
An NUS lecturer who received the phishing e-mail told The Straits Times: "Phishing is very common here, but it is getting harder to identify a fake. Even an expert was tricked."
The motives of the hacker in the latest attacks are not known.
But the attacks on the universities discovered last month were believed to be a roundabout way to get hold of government-related information, as NTU and NUS are involved in government-linked projects for the defence, foreign affairs and transport sectors.
The varsities maintain that no classified information or personal data was stolen.
Mr Aloysius Cheang, executive vice-president of global computing security association Cloud Security Alliance, said organisations tend to overlook user education on cyber security matters.
"An organisation's security is only as strong as its people and education programme," he said.
Mr Amir Ofek, chief executive officer of Israeli cyber security services firm CyberInt, agreed. "You can never get too complacent," he said.