Cybercriminals sponsored by the Chinese government allegedly infiltrated the Australian National University’s (ANU’s) systems in 2018 and were probably roaming freely until two weeks ago when the breach was detected, writes The Sydney Morning Herald.
“While it is understood there is no clear evidence yet that Beijing is behind the attack, sources said China was one of only a handful of countries able to carry out such a breach while remaining undetected,” says the newspaper.
The attackers gained access to 19 years’ worth of personal student and employee data, such as academic records, passport details, bank and tax information. Private information of 200,000 people was exposed in what Australia’s intelligence agency believes was a Russian-inspired strategy to use the stolen data to recruit students or staff.
Many Australian National University alumni are part of key government agencies such as the Defense Department and the Australian Security Intelligence Organization. Intelligence officials believe China’s long term plan is to infiltrate government departments and intelligence agencies to steal top secret information and compromise national security from within.
“China probably knows more about the ANU’s computer system than the ANU does,” said one intelligence official, who wasn’t identified.
Although the university had collaborated extensively with the government to safeguard its network and improve security, it appears the initiative was not as successful as planned. This high-level data breach is not isolated; it is the second university attack in 12 months and it was barely last year that attackers hit the Liberal, Labor and National parties and the Parliament.