The cyber attacks on the networks of the National University of Singapore (NUS) and the Nanyang Technological University (NTU) last month were carefully planned and the work of Advanced Persistent Threat (APT) actors, according Singapore's Cyber Security Agency (CSA).
The CSA revealed that NTU’s networks were breached on April 19, while an unauthorized intrusion into NUS’ IT systems were detected on April 11.
The objective may be to steal government or research-related information, according to the CSA.
Affected networks at both NUS and NTU have been removed and replaced. The daily operations of both universities, including critical IT systems such as student admissions and examinations databases, were not affected.
“The attack on NUS and NTU shows that hackers are no longer just targeting the usual suspects in Singapore; such as financial institutions, Government and critical infrastructure,” said Bill Taylor-Mountford, Vice President, Asia Pacific & Japan, LogRhythm.
“Establishments such as Universities hold valuable personal data, including intellectual property that can bring about financial gain.
“Today, we can no longer prevent attackers from gaining access. We are almost fighting a losing battle if we only focus on prevention. Therefore, it is more important to be able to detect a breach and quickly neutralise it.
Reducing the mean time to detect and respond must be the key objective for any cybersecurity infrastructure today.”
How APTs differ from other attacks
Nick Savvides, Security Advocate, Symantec Asia Pacific and Japan, says that APT attacks are a type of targeted attack that are highly advanced that may employ a wide variety of techniques including malware, spyware, phishing, and spam, to name just a few.