Cybersecurity experts pause, ponder and explain ANU cyber attack incident

711 million data breach
Data breach Pawel Kopczynski/File Photo/Reuters

After the Australian National University (ANU) revealed that it has been attacked by the cybercriminals, who gained access to the personal information of up to 200,000 students and employees dating back 19 years, the cybersecurity experts have shared their analysis while explaining the scenario.

A quick flashback of what happened:

  • This is not the first attack on ANU networks, as the hackers infiltrated the university's IT systems in July 2018.
  • The recent cyber attack was conducted by "sophisticated operator."
  • The hackers gained access to the information which includes, names, email addressed, phone numbers, tax-file numbers, payroll information, bank account and passports details as well as student academic records.
  • Staff and the students were already asked to change their passwords as well as monitor incoming emails and use updated systems on devices.
  • No evidence has been found that showed that the attack had affected any research paper.

Even though there are several security measures in practise, in the past few years the surge of cyber attacks has increased drastically and many universities and agencies were affected by such incidents.

The US-based software company, Carbon Black recently released an Australia threat report, which showed that attacks are increasing in volume and sophistication, with 89% of Australian businesses surveyed having been breached over the past 12 months.

The report also revealed that 81% of surveyed organisations reported seeing an increase in attack volumes and 88% of surveyed organisations said cyber attacks on their company had grown more sophisticated.

Rick McElory, the Head of Security Strategy at the company told IBTimes Singapore that it was Carbon Black's first Australian threat report, which indicated that the organizations in Australia are in extreme pressure from escalating cyber attacks.

"The research indicates increases across the board in attack volume and sophistication, causing frequent breaches. In response, an encouraging number of Australian organisations are adopting threat hunting and seeing positive results. As threat hunting strategies start to mature, we hope to see fewer attacks making it to full breach status," he further added.

American Internet security company, Malwarebytes also expressed its concern over the recent ANU data breach. Its Regional Director for Australia & New Zealand, Jim Cook said that this incident demonstrated that no matter how much "care, money and effort go into protecting an organisation, it is not a case of 'if' but 'when' a breach may occur."

He also stated that "whilst we are a critical part of any defence and recovery plan, such incidents are a reminder that it is necessary for the management level to highlight the importance of cyber defence, have a plan ready and to practise the plan" so that when something like this happens, the authority can take situation under control "with effectively as part of a technical, risk and processed-based plan."

Sanjay Aurora, Managing Director of Darktrace, APAC also mentioned that the ANU incident isn't isolated, as no organizations are immune to these slow and steady cyber attacks but "identifying a breach months after the attackers have infiltrated the network is fighting a losing battle."

"Companies need to turn to AI technology, which is capable of stopping threats within seconds of emerging on the network. Though there is no silver bullet in the fight against cyber-crime, using machines to help fight back on our behalf is our best line of defence," he further added.

Recently the Office of the Australian Information Commissioner (OAIC) has released the quarterly data breach report, which showcased that more than 10 million Australian people had personal information compromised in one single cyber-attack incident.

It did not provide any details on the origin of the cyber attacks. The report revealed that most numbers of affected people from a single finance-related breach was less than 500,000, while the health sector faced three heavily impacting breaches, which affected less than 5,000 individuals each.