Chinese University issues new security alert to students over hacking
Chinese University issues security alert two weeks after it was revealed by Edward Snowden to be target of US spies
Lana Lam and Emily Tsang
Staff and students at Chinese University were warned yesterday to secure their computers against hacking.
The caution came just over two weeks after claims by whistle-blower Edward Snowden that it had been among the targets of a US cyberspying programme.
An e-mail sent by the information security section to all 8students and staff said: "Protecting our data and information against hackers has recently become the talk of the town.''
Titled "Information security reminder - Keep your data out of hackers' reach!", the e-mail is understood to have landed in the inboxes of about 14,800 students and more than 7,500 staff yesterday afternoon.
It included more than a dozen specific "do's and don'ts" on how to block unauthorised access to personal data. "We strive to protect all data … processed and stored by the central information systems and data that flow through our campus network," the e-mail said.
"But there are also simple practices that you may adopt to keep your valuable information and data out of hackers' reach."
Snowden singled out Chinese University as one of several Hong Kong and mainland institutions targeted by US National Security Agency hackers.
He left Hong Kong last Sunday and it is believed he is still in the transit area at Moscow's Sheremetyevo airport, despite earlier reports that he would seek asylum in Ecuador.
The team responsible for yesterday's e-mail oversees information security policy as well as co-ordinating and monitoring responses to security incidents.
The e-mail asked students and staff to protect computers by updating antivirus software, enabling a personal firewall and putting a password on all devices, as well as specific files like Excel or PDF documents.
It warned users not to store confidential data on smartphones and tablets and, if sending such information over the web, to encrypt the files first.
For extra security, it suggested using a digital certificate when sending a sensitive e-mail so that only the intended recipient would see it. Other "don'ts" covered basic IT security such as not opening suspicious e-mails or disclosing passwords.
Last night the centre said in a statement: "Everyone in Hong Kong, not just the community in Chinese University, is more concerned about data security with the current Snowden incident. Everyone taking an extra small step will make hacking much more difficult."
A Hong Kong University spokeswoman said sending e-mail alerts about changing passwords or phishing attacks and suspicious e-mails was "regular practice", with the most recent one sent two weeks ago.
A Baptist University spokesman said no "abnormal cases" regarding cybersecurity had been identified recently and said regular online safety alerts were sent out to staff and students.
A spokesman for the Secretary for Security said the government had yet to receive a response from the US government to its 8request for clarification of Snowden's claim that Hong Kong had been the victim of cyberattacks.