Skip to main content



NUS, NTU hit by cyber-attacks targeting Govt info, research data

SINGAPORE — Two of Singapore's top universities have been hit by sophisticated cyber-attacks aimed at stealing research and government-related information, the authorities announced on Friday (May 12).

Reuters file illustration photo

Reuters file illustration photo

Follow us on Instagram and Tiktok, and join our Telegram channel for the latest updates.

SINGAPORE — Two of the Republic’s top universities have been hit by sophisticated cyber attacks aimed at stealing research and government-related information, the authorities said on Friday (May 12).

The attacks, the first of such sophistication to hit the National University of Singapore (NUS) and Nanyang Technological University (NTU), were detected on April 11 and 19 respectively.

The Cyber Security Agency of Singapore (CSA) described the breaches as the work of “advanced persistent threat (APT) actors”, or attacks that use more stealthy methods and therefore, harder to detect.

Unlike traditional cyber threats such as viruses and malware, which are used to hack into different systems or the networks of various companies, APT attacks are designed to target a specific entity. They are highly customised in order to get around existing security measures designed by that company or organisation. To avoid being traced, the attacks are typically carried out through individuals associated with those entities.

“They are carefully planned and are not the work of casual hackers. The objective may be to steal information related to government or research,” the agency said in a statement.

CSA’s chief executive David Koh said: “We know who did it, and we know what they were after. But I cannot reveal this for operational security reasons.”

There was no evidence that any students’ personal data or government classified information was taken, said the CSA.

In separate statements, the two universities said they have heightened cyber security measures since the attacks, and that their daily IT operations are unaffected.

However, they gave no details about the scale of the attack or whether the hackers were successful in stealing sensitive information. It is also unclear if any ongoing projects might have been compromised.

Current research facilities that are linked to government agencies include the Air Traffic Management Institute at NTU, the National Cybersecurity Lab and the Singapore Nuclear Research and Safety Initiative at NUS. There are also bioscience and nanoscience labs.

The CSA said the hackers’ activities “appear to be limited”, noting that “the universities’ systems are separate from government IT systems”.

Stepped-up checks on the networks of other universities, as well as those belonging to the Government and other critical sectors, have turned up no sign of suspicious activity, thus far.

The agency added: “The daily operations of both universities, including critical IT systems such as student admissions and examinations databases, were not affected.

“CSA, (the Education Ministry), and the universities will not be able to provide further details about the incident as this could impact the effectiveness of additional defensive and preventive measures being put in place by both universities.”

The two universities said they detected the attacks during routine checks on their IT networks.

“Immediate action” was taken to isolate the affected desktop computers and servers, NUS said.

NTU said it replaced the affected machines, which included “shared personal computers and front-end workstations”.

In an email sent to students on Thursday, NTU chief information officer Mr Tay Kheng Tiong informed them of the intrusions, and urged them to follow security measures such as changing their passwords regularly, and not responding to phishing emails.

NTU is also working closely with the CSA to monitor and strengthen its cyber security defences, he added.

Mr Koh said: “Attackers are not just targeting government systems, they are looking for any kind of a network that is connected or remotely related to the Government. So private organisations need to be on the lookout.”

“We urge all organisations to be vigilant, and to proactively check their own IT networks for malicious activities, and through this way we can all work together to secure all our networks.”


Read more of the latest in




Stay in the know. Anytime. Anywhere.

Subscribe to get daily news updates, insights and must reads delivered straight to your inbox.

By clicking subscribe, I agree for my personal data to be used to send me TODAY newsletters, promotional offers and for research and analysis.