NUS, NTU systems hacked: What is 'advanced persistent threat'

Security experts have warned that advanced persistent threats are rising globally.

SINGAPORE - The breaches in the computer networks of National University of Singapore (NUS) and the Nanyang Technological University (NTU) discovered last month (April) were said to be caused by advanced persistent threats (APTs).

Security experts said that APTs are on the rise globally, but what are APTs?

They are stealthy and continuous computer hacking processes planned by a group of attackers, such as a government or political activists, with the intention to gain intelligence or steal information. The hackers gain unauthorised access into and lurk within computer networks undetected for a long time.

Such attacks typically deploy sophisticated techniques using malware to exploit vulnerabilities in systems. Malware can be introduced when computer users plug infected portable storage drives into the network, or when they are tricked by phishing into clicking on infected links embedded in e-mail messages. Hackers may also use brute-force computer intrusion techniques to access systems.

Once the malware is planted in the network, it gives hackers a backdoor to remotely monitor and extract data from the target network or system.

Here are two notable examples of APTs:

1. Stuxnet worm (2010)

It is the world's first cyber weapon, designed by the United States and Israel to infect an Iranian nuclear facility in 2010. The code made its way into Iran's Natanz facility and infected the specific industrial control systems via an unassuming piece of technology: the USB drive. An Iranian double agent working for Israel reportedly plugged the deadly USB drive into a computer there. The malware quickly propagated and temporarily crippled Iran's nuclear programme - all while the Iranians' computer screens showed everything was working normally.

2. Deep Panda (2015)

It is one of several hacking groups that are being accused of attacking the computers of the United States government's Office of Personnel Management to steal government, defense and industrial documents - as part of an ongoing cyberwar between the US and China. China, however, has denied any connection with such attacks.

The latest attack in May 2015 was understood to have compromised over 4 million records on current and former federal employees. It is feared that information pertaining to secret service staff may also have been stolen.

Defences against APTs include educating computer users not to open attachments or click on links, as they may be infected with malware. Users should also be cautious of "innocent-looking" e-mails with attachments containing information relevant to one's field of work or interest. This method of tricking users is commonly known as "spear phishing".