SINGAPORE: The Ministry of Education (MOE) said on Wednesday (Jul 23) that it had advised schools to update their Microsoft SharePoint servers with the latest security patch to guard against potential vulnerabilities, but it added that no cyberattacks had been detected so far.
MOE’s statement came in response to CNA queries, when it emerged that the School of the Arts (SOTA) had taken down its parents portal as a part of a cybersecurity measure.
The school said it had identified a vulnerability in the third-party server infrastructure supporting the portal and that the third-party service provider had acknowledged such reports from their server customers.
“This vulnerability is currently being actively exploited in a global cyberattack campaign, which has already compromised organisations worldwide, including government agencies and multinational corporations,” the school said in a message to parents.
“The attacks, which began on Jul 18, are specifically targeting school-managed installations.”
The global cyberattack campaign had already compromised organisations globally, including government agencies and multinational corporations, said SOTA.
In a media statement later on Wednesday evening, SOTA said it did not identify any compromise of its systems.
It added that it had temporarily disconnected the parent portal, which is hosted on SharePoint, from the internet as a “precautionary measure” to facilitate the security patch, as advised by MOE.
On Tuesday, the Cyber Security Agency of Singapore (CSA) issued an alert for users of Microsoft SharePoint to update to the latest version, citing “critical vulnerabilities”.
SharePoint is a web-based collaborative document management platform developed by Microsoft.
On the same day, Microsoft issued a threat intelligence note warning of active attacks targeting SharePoint servers via known vulnerabilities. It said security updates have been released to address the flaws.
The note linked the attacks to three China-based groups, and added that investigations into other threat actors are ongoing.
In response to CNA’s queries, CSA said it has reached out to “all critical sectors” that are using vulnerable versions of SharePoint to advise them to update to the latest version provided by Microsoft.
The agency added that it is working with GovTech and the sectors to analyse the impact.
