By Tatsuya Sudo
At least 18 Japanese university websites were hacked between late December of 2016 and early January of 2017. The victimized universities all state that there were no leaks of confidential information, but the Ministry of Education, Science, Sports, and Culture warned all universities to better manage their digital security.
Universities are rich reservoirs of valuable information including confidential research and intellectual property. Should any information leak, it could have grave consequences. The ministry took these cyber attacks very seriously as “egregious exploitations that could compromise the organizations’ credibility,” and advised academia to take all necessary steps to reinforce network security as the police continue to gather information.
Our reporters interviewed universities individually based on information gleaned on the Internet and found that at least 18 universities across 12 prefectures, such as Tokyo, Keio, and Nagoya Universities, had their websites falsified. A total of 32 websites belonging to university departments, research labs, and clubs were compromised, often with the written message “you’ve been hacked.” The majority of the tampering occurred on or close to December 18th and January 7th. Company websites also had their security breached on these dates.
All affected universities took immediate measures in response to the hacking such as cutting off Internet access to their manipulated sites. None of the institutions reported any data leak of personal or confidential information.
A bulletin board undergoing beta testing developed by a research lab at the Nara Institute of Science and Technology was rewritten with numerous links to credit card and ticket scamming sites. “It’s possible [our website] was used as a portal to their malicious websites” says the university’s spokesperson, who gave a strong warning to faculty members who managed the websites.
Twelve websites managed by the Department of Informatics and Engineering of the University of Electro-Communications were hacked. They even received inquiries by the Metropolitan Police Department. “We don’t know the cause of the breach as there are no traces in our communication records,” says a member of the university’s PR department. Jichi and Dokkyo Medical Universities, both based in Tochigi Prefecture, were alerted to the security violations by the Tochigi prefectural police department. Jichi Medical University manager admits, “It is possible that our server vulnerabilities were exploited.”
Why did hackers target university websites? Our reporters traced the leads left by the perpetrators from the web pages they manipulated.
Mie University Hospital’s tampered site was signed “Team System Dz,” the hacker organization believed to have made the alterations. The same signature was left on the University of Electro-Communications and Keio University websites.
The source that provided information about these website breaches on a hackers’ messaging forum also identified themselves as the above. When our reporter accessed the SNS address associated to the forum posts, it led to a website written in English and Arabic. When we asked why they doctored these websites in mid- January, we received a reply two days later that explained that it was a warning against the sorry state of the institutions’ security. They did not provide any details on why Japanese universities were targeted.
The aforementioned hacker group had alleged links to the mass website tampering cases in 2015 in which more than ten million sites were falsified. They claim to be of Algerian decent and have made posts pledging allegiance to the extremist militant group ISIS.
“If they are associated with ISIS, the hacked information could be used for their terrorist activities,” warns Hiroki Iwai, Senior Manager of Detroit Tomatsu Risk Services, a security firm that specializes in cyber attacks. “The stakes are rising as the upcoming Olympic Games draws near. We must analyze the background of the attacks and develop a nationwide warning system and preventative measures.”