A phishing email sent to a senior staff member is said to lead to the data leak of sensitive details from the database of Australian National University(ANU). Authorities confirm that Chinese hackers or a state-funded actor could be behind the cyber attack and the motive was to steal the rich trove of critical data related to the staff and research work.
Brian Schmidt, the Vice-Chancellor of ANU has confirmed the incident but did not give a definitive conclusion on who was behind the attack and the amount of data stolen.
Cybersecurity Insiders have learned that hackers got away with 700 Megabytes of data, while data worth two terabytes was available for them to access from the past six weeks. And the data steal took place as teamwork as over 15 hackers are suspected to be behind the cyber incident.
A staff member from the university confirmed that the accessed data was up to nineteen years old and could be related to staff and students.
Note 1– ANU’s Enterprise Systems Domain is said to house data related to Human resources, financial management, and student administration.
Note 2- The email spear-phishing attack reportedly took place on November 9th last year as a senior staff member clicked on a baited email link out of innocence. But when a fresh firewall was installed, the access point of hackers was cleaned up on Nov 30th,2018. However, the hackers somehow worked their way into the network again on December 21st and managed to sniff all important data from the database for the next 6 weeks.
Note 3- What’s more interesting in this cyber attack story is that the IT staff of ANU learned about the incident on April 2019 after the network admin a threat scan.
Note 4 – ANU first cleaned up their systems and publicized the matter in the media only after June 30th this year.
Note 5- Now they have disclosed further details about the phishing attack and said that hackers could have accessed details such as names, addresses, phone numbers, date of births, emergency contact numbers, tax file numbers, payroll info, bank account details, and student academic records.