Hackers target Australian National University, steal personal details of 200,000 students and staff

The Australian National University revealed it had been attacked by cyber hackers who gained access to personal details of up to 200,000 students and staff dating back 19 years.
The Australian National University revealed it had been attacked by cyber hackers who gained access to personal details of up to 200,000 students and staff dating back 19 years.PHOTO: ANU

SYDNEY - A leading Australian university with close links to the government and the defence and intelligence communities, the Australian National University, on Tuesday (May 4) revealed it had been attacked by cyber hackers who gained access to personal details of up to 200,000 students and staff dating back 19 years.

The hack is the second major cyber attack against the university in the past year and raised concerns that foreign actors could be trying to capture sensitive information about students who may go on to hold senior government positions.

An attempted infiltration last year was traced to operators in China, according to unnamed sources cited by Fairfax Media.

ANU's Vice-Chancellor, Professor Brian Schmidt, said on Tuesday that the "sophisticated" attack began late last year and was detected two weeks ago but was not revealed until the system had been protected from "secondary or opportunistic attacks".

He said the data that was accessed included "names, addresses, dates of birth, phone numbers, personal e-mail addresses and emergency contact details, tax file numbers, payroll information, bank account details, and passport details".

"The university has taken immediate precautions to further strengthen our IT security and is working continuously to build on these precautions to reduce the risk of future intrusion," he said in a message to students and staff.

"We are taking this incident extremely seriously and we are doing all we can to improve the digital safety of our community. We are all affected by this."

The government agency which defends against cyber attacks, the Australian Signals Directorate, said it was investigating the attack but could not yet say whether this hack was linked to last year's threat.

"Proper and accurate attribution of a cyber incident takes time and any attribution would be done in a measured fashion," it said in a statement.

The ANU, located in Canberra just a short distance from Parliament House, has security- and defence- focused research centres and a strong public policy focus.

Graduates have gone on to become MPs, heads of government departments, and prime ministers. The Times Higher Education World University Rankings this year ranked the ANU as Australia's second-highest ranked university and the world's 49th.

Analysts suggested the attack may have been by a state actor such as China trying to access details of researchers or by a criminal group attempting to capture personal information to enable fraud and identity theft.

A cyber security expert at the Australian Strategic Policy Institute, Mr Tom Uren, said the culprit was not yet known but China was a likely suspect.

"They have a history of stealing large data sets and the theory is that they're putting these together to try and build a picture of people of interest to use for either counter-intelligence or intelligence purposes," he told ABC News.

"I've also heard the theory that the Chinese are interested in foreign universities because they've got a large number of overseas students … and universities are traditionally a hotbed of radicalism and that's a concern for the Chinese state."

Just over 7,400 international students were enrolled at the university in 2016, which had a student body of roughly 20,000 as of last year, according to ABC. 

 
 
 

Australian security agencies have warned of repeated and consistent attempted cyber attacks by foreign actors against Australian governments, businesses and universities. In February, an attack on Australia's Parliament was blamed on China by unnamed security sources.

China's alleged cyber attacks on Australia come during a period of heightened tension between the two countries. Beijing was angered by Canberra's efforts to curb foreign interference - which were seen as targeted at China - and its warnings about the security risks of dealing with Chinese telecommunications firm Huawei.

Foreign students at ANU were last year barred from participating in an internship programme which allowed them to work at an MP's parliamentary office.

According to a report in the Australian Financial Review, the decision was made by the Parliament due to concerns about "the potential risk of Chinese students exploiting this privileged access to MPs and ministers' offices".

The report emerged several days after the ANU said it had been trying for months to minimise the threat from a cyber attack. The attack was believed to be by Chinese hackers and reportedly began in 2017.

The revelations about the attack on Tuesday prompted some present and former students to immediately change passwords and tighten online security.

Home Affairs Minister Peter Dutton would not comment on whether the authorities believed a state actor or criminal group was behind the attack.