China suspected in ANU data breach


By Dylan Bushell-Embling
Friday, 07 June, 2019



Speculation is mounting over whether the recent ANU cyber attack was perpetrated by Chinese state-sponsored attackers.

Unnamed intelligence officials quoted by Fairfax Media have stated that China is the key suspect behind the attack.

The report cites fears among intelligence agencies that the data accessed in the attack — which includes details on nearly 200,000 current and former students and staff dating back 19 years — could be used to target students and former students in the hope of turning them into informants as they enter careers in government departments, Defence and intelligence agencies.

While no evidence has been presented proving China’s involvement in the attack, the officials claim that China is one of only a handful of countries with the capabilities required to compromise the network and lie undetected for at least five months.

Another potential motive could be industrial espionage, but in disclosing the attack last week, Vice Chancellor Brian Schmidt said there is no evidence that any research data was stolen and that email accounts were not compromised.

But Joseph Carson, Chief Security Scientist & Advisory CISO for privileged account management solutions provider Thycotic, suggested it is too early to call the attack “sophisticated” — a term that in the security industry is increasingly being used as a euphemism to denote suspected foreign government involvement.

“We must learn that calling all data breaches sophisticated and rushing to attribution before a detailed investigation has been completed is not a good policy,” Carson said.

He added that the most likely motivations behind the attack involve identity theft or intellectual property theft.

“Organisations should learn from this latest data breach that it is not about the organisation but all about the data that makes you a target of a cyber attack,” Carson said.

“If you require lots of sensitive data from applicants, employees and contractors and this data is valuable then you need to ensure the right security controls are in place and de-risk the data to make it more difficult for cybercriminals to get access. Cybercriminals will first recon the enrolment process to identify what type of data is required, and if it is valuable then they will go after the data.”

