The Canberra-based Australian National University offers a favoured pathway into the nation’s top public service jobs. Targeting such students is a tried and true tactic, developed by the Soviet Union as it waged the Cold War.

It was revealed hackers had breached the ANU’s computer network, extracting information on some 200,000 staff and students — including passport details and tax file numbers — dating back 19 years.
“We have no evidence that research work has been affected” — ANU Vice Chancellor Brian Schmidt said in a statement about what he called a ‘massive’ and ‘sophisticated’ data theft.

But it did breach the university’s National Security College, which offers training courses for existing government officials.

One intelligence official told Nine Publishing: “China probably knows more about the ANU’s computer system than the ANU does.”

‘SOPHISTICATED OPERATOR’

The chancellor said it was fortunate the Canberra-based university detected the breach when it did.

“This is not the first time we have been targeted. Following the incident reported last year, we undertook a range of upgrades to our systems to better protect our data. Had it not been for those upgrades, we would not have detected this incident.”

A “sophisticated operator” accessed the university’s systems in late 2018, the chancellor’s statement reads, adding the breach was only detected a few weeks ago.

That puts the attack in the same time frame as an attack on the Parliament House computer network in Canberra — which Prime Minister Scott Morrison earlier this year revealed was the work of a “sophisticated state actor”.

EXPLORE MORE:

Can we trust algorithms to replace the roles of government?

Just how ‘loyal’ will Australia’s new AI drones be?

Algorithms can now sense the intentions hidden in your words

PARLIAMENT ATTACK

The Prime Minister said Australia’s security agencies had “acted decisively to confront it”.

The statement led to intense speculation that China was behind the attempt to probe our national security with a level of sophistication described as “unprecedented”.

Only four nations are thought to be capable of such a breach: China, Russia, Israel and the United States.

Mr Morrison told parliament in February that, while investigating the Parliament House hack, cybersecurity authorities “also became aware that the networks of some political parties, Liberal, Labor and Nationals, have also been affected”.

The ANU has not issued any indication as to whom it believes was behind the latest breach. The university, however, has close links to national security issues through its close relationship with Australia’s defence and foreign affairs departments.

PERSONAL DATA

“For the past two weeks, our staff have been working tirelessly to further strengthen our systems against secondary or opportunistic attacks,” the university’s chancellor said.

Data accessed includes names, addresses, dates of birth, phone numbers, email addresses, emergency contact details, tax numbers, payroll details, bank accounts and passport details.

“Student academic records were also accessed,” he said.

Combined, these details represent a massive threat of identity theft.

Mr Schmidt said the university is working with government security agencies and private security firms to investigate the breach. This includes the specialist government cyber defence units Australian Cyber Security Centre (ACSC) and Australian Signals Directorate (ASD)

“We must always remain vigilant, alert and continue to improve and invest in our IT security,” he said. “I know this will cause distress to many in our community and we have put in place services to provide advice and support”.

In July last year, the ANU said it had detected Chinese hackers in its systems - but said it did not believe any data had been breached.

FIGHTING ‘GREY WAR’

Australia mobilised its cyber experts after a co-ordinated attempt to influence the 2016 US presidential election by Russian hackers.

Earlier, in 2011, Australia discovered how vulnerable its communications networks were when Beijing was accused of accessing thousands of private emails in a system used by politicians and parliamentary staff.

Then, in 2017, Canberra again accused China of meddling in its affairs.

Things escalated further last year when the Australian Government banned Chinese tech giant Huawei from building a 5G telecommunications network due to data security concerns.

Federal parliament also moved to improve Australia’s cyber defence capabilities with a massive expansion increase in status of the ultra-secret Australian Signals Directorate (ASD).

“Foreign signals intelligence, countering cyber-espionage and defending against cyber threats remain critically important for ASD,” Foreign Minister Marise Payne said.

“At the same time, ASD’s focus will now expand to lead cyber security support and services to industry, government and the community. To achieve this the Australian Cyber Security Centre now operates as part of ASD.”

The Australian Cyber Security Centre was established in 2014 as an agency to analyse, investigate and report cyber threats.