Australian National University still tight-lipped on system breach

After it was revealed on Friday that computer systems at the Australian National University (ANU) had been compromised, the university said on Monday it is still seeking advice from the federal government, months after the threat was found.

The breach, first reported by Fairfax, has raised concerns over national security, with ANU home to the National Security College which trains defence and intelligence officials out of Canberra.

The finger has been pointed at the Chinese government, with the initial report stating federal government officials had confirmed that the cyber attack was launched from China and that the ANU computer network was significantly compromised.

"We can assume this cyber intrusion has involved the theft of information. The question is 'what was sucked out and how sensitive is it?'" a national security official is quoted as telling Fairfax reporters.

Other reports also say the Australian Cyber Security Centre (ACSC) followed the hackers' trail to China where it was found the threat actors took over ANU's domain controller, giving them system administrator power across the network.

Meanwhile Australian Minister for Law Enforcement and Cyber Security Angus Taylor, who has on multiple occasions said it is important to publicly attribute cyber attacks to nation states, would not confirm that China was behind the incident, saying instead he condemns any malicious activity against the country.

The university confirmed it had been working with intelligence agencies for several months to minimise the impact of the threat.

"Over the past several months the university has been working in partnership with Australia government agencies to assess the scale and minimise the impact of the threat," the university told students in an email. "We continue to seek and take advice from Australian government agencies."

ANU told ZDNet current assessments indicate that no staff, student, or research information has been taken and "counter-measures are being undertaken".

Also on Friday, the federal government officially opened its Joint Cyber Security Centre (JCSC) in Perth. The Perth centre is the fourth state-based centre to open, joining Brisbane, Melbourne, and Sydney. Another centre in Adelaide will open later this year.

A AU$47 million initiative, the JCSCs are touted as critical hubs for business and government to improve cybersecurity practices and share information.

PREVIOUS AND RELATED COVERAGE

'Decryption' legislation a top priority for Australia's cybersecurity minister

Almost 12 months since Canberra announced plans for a decryption silver bullet, Minister for Law Enforcement and Cyber Security Angus Taylor said the legislation is still on its way and it's one of his personal priorities.

Australian government considers approach to cybersecurity 'world-leading'

A prime minister that understands the seriousness of cybersecurity combined with cross-government and public-private information sharing initiatives has sent Australia to the fore, according to Minister for Law Enforcement and Cyber Security Angus Taylor.

Australia also points finger at Russia for NotPetya

The Australian government has joined the United Kingdom and the United States in blaming the Kremlin for NotPetya attacks.

Kaspersky Lab talks with Canberra to prevent US-like ban

The Russian-based security vendor met with the prime minister's office to tout its new transparency centre initiative and proactively prevent the Australian government from following the United States in banning its use.

Cybersecurity's biggest challenges: Trust, cyber fatigue, and the battle over AI (TechRepublic)

Dr. Richard Ford, Chief Scientist at Forcepoint, discusses how cyber attacks undermine confidence in our institutions, the dangers of "cyber fatigue," and how AI is where the battle for cyber safety will be won or lost.