Varsities are treasure troves of information to hackers
Universities are troves of information, research and links to other organisations, cyber security experts told The New Paper.
The Nanyang Technological University (NTU) and the National University of Singapore (NUS) discovered breaches in their networks last month.
Mr Sanjay Aurora, the Asia Pacific managing director of cyber security firm Darktrace, said the education sector is full of intellectual property.
For example, NTU inked an agreement with Tokyo Institute of Technology last year to research areas such as nuclear safety and engineering, robotics and technology-enhanced learning.
NTU also does research on satellites, and it launched its seventh satellite into space from the International Space Station in January.
NUS is known for its research on driverless vehicles as well as its $43 million cyber security lab launched last year with Singtel.
Said Mr Sanjay: "Many of these organisations are also looking to enrich educational experiences by allowing students to use personal devices on the network and embrace digital applications to better facilitate learning.
"This... creates more network vulnerabilities and opportunities for cyber attackers, adding pressure on lean infrastructure teams responsible for protecting users and sensitive data."
This has become a common tactic. Organisations now can be a steppingMr Nick Savvides, Symantec's security advocate for Asia Pacific and Japan
stone to gain access to other organisations.
Fortinet's director of security research, Mr David Maciejak, noted that well-known universities around the world such as Harvard and the Massachusetts Institute of Technology had been targets.
"In the current case, it is not clear if NTU and NUS were targeted directly for their assets, or... as a springboard into the Singapore Government's network," he said.
Mr Evan Dumas, head of emerging technologies for Asia Pacific, Middle East and Africa at Check Point Software Technologies, said advanced attackers often look for multiple ways into their target.
"The magnitude of cyber attacks cannot be underestimated, and we see them growing every day around the world," he said, citing a 900 per cent increase in attacks last year by malware without a known signature.
Singapore's drive towards a smarter nation, and more organisations becoming interlinked means greater cyber vigilance is needed, said Mr Nick Savvides, Symantec's security advocate for Asia Pacific and Japan.
"This demonstrates how sophisticated attackers have become.
"They will take whatever route required to get to their target, and this has become a common tactic.
"Organisations now can be a stepping stone to gain access to other organisations," Mr Savvides said.
He added that Singapore's Smart Nation drive and the dawning of the Internet of Things era mean attackers now have more devices to attack.
"Any device can become a victim or a way into an organisation," he said.
This means every citizen has a part to play in defending against such attacks by practising proper cyber hygiene, said the experts.
Associate professor Zhenkai Liang from the NUS School of Computing said some of the key things people can do is being aware of such threats and taking care not to download suspicious files.
"Taking simple precautions can make a big difference."