A wave of hacking attacks on university websites between mid-December and early January left online contents of at least 18 institutions across Japan tampered with, The Asahi Shimbun has found.
The string of cyberattacks targeted a total of 32 websites of research labs, officially recognized extracurricular clubs and other groups belonging to the 18 schools located in Tokyo and 11 prefectures, including the University of Tokyo, Keio University and Nagoya University.
The Asahi Shimbun contacted the universities individually after learning of the attacks from online sources.
The infiltrators replaced the website content with pages saying they had been hacked, as well as posting lists of URLs believed to connect to scam websites.
The universities said no confidential or personal information were stolen by the hackers. Nevertheless, the attack has alarmed the authorities, as many universities handle research that requires strict confidentiality as well as huge amounts of information regarding intellectual assets.
“It’s a situation that could compromise the reliability of a university,” the education ministry warned the institutions on Jan. 13, while urging them to inspect their websites and bolster security. Police are also investigating the matter.
The cyberattacks were concentrated on Dec. 18 and Jan. 7, and around that time some business websites were also hacked.
The universities said that they have since implemented stronger security measures, including shutting off network connections to the websites that were tampered with.
In the case of the Nara Institute of Science and Technology, a prototype bulletin board system made by a research lab was replaced with a page listing an array of online links believed to connect to scam sites offering concert tickets and credit cards.
The school said its website “may have been used as a springboard to guide viewers to malicious websites” and reprimanded the professor and associate professor managing the page.
In addition, Keio University, Mie University and other institutions had their online contents changed to display the phrase, “Hacked by Team System Dz.”
That hacking group has been accused of involvement in a mass cyberattack in 2015 that altered more than 1,000 websites across the globe. The group claims to be of Algerian origin and even has some posts supporting the Islamic State, according to its social networking service website.