ANU confesses massive China data hack

Via the ABC:

A Nobel laureate in dark energy scared the bejeezus out of Australia’s university chiefs and intelligence agency officials a fortnight ago.

“I want my pain to be your gain so that you know what we are up against,” astrophysicist Professor Brian Schmidt said.

He warned of an existential threat to free and open academic inquiry and implored them to heed his lesson.

Professor Schmidt began revealing the extent of a shocking data hack of the Australian National University, where he’s vice chancellor.

Many of those in the room at this special cyber security meeting at the University of Wollongong, including more than a dozen other VCs, intelligence agency officials and Education Minister Dan Tehan, were surprised by the extent of Professor Schmidt’s candour.

The ANU has been the target of two significant cyber hacks. The most recent, revealed in June this year, was horrendous; the records of an estimated 200,000 past and present staff and students over two decades were pilfered, including banking details, passport and tax file numbers and other sensitive data.

The cyber assault was highly sophisticated, conducted by so-called “spear-phishing” malware that didn’t require anything to be clicked on or opened.

China is believed to have been the culprit.

The ANU experience — and Brian Schmidt’s plea to VCs — is at the pointy end of what’s being called in government circles “resilience building”; a realisation that Australia needs to fortify its systems; its institutions, communications and cyber oversight to protect its secrets, research and intellectual property.

A warm glow for Australia

It’s not that Australia wants to shut the door to the Chinese, or anyone else for that matter, but how to keep it open with exceptional awareness of what — or who — might want to come in.

Because if this is the new Cold War, as some hawkish observers insist on calling it, it’s got a peculiarly warm glow for Australia amongst the chill.

Whereas the Soviet Union kept most of its foreign trade with communist countries, particularly those in eastern Europe, China has applied no such constraints on its opportunities, embedding itself in the global network, doubling its economic might in a mere handful of years.

For Australia, this has been particularly fruitful.

Even in the face of an escalating trade war between China’s leader-for-life Xi Jinping and the equally nationalistic but constitutionally constrained Donald Trump, Beijing’s reliance on Australia to keep its prosperity compact with its population burns bright.

Figures released in recent days show Australia produced 46 per cent of China’s LNG imports in the 12 months to June and 64 per cent of China’s iron ore imports.

“China is in some respects more dependent on us than we are on them,” Ross Babbage, a former analyst at Australia’s Office of National Assessments, told the Australian Financial Review.

As much as this means that Australia’s economic relationship with China has a substantial non-discretionary portion — which is very useful if you’re Josh Frydenberg attempting to conjure a budget surplus — there is a darker consequence to the development fuelled by Pilbara iron ore and North-West Shelf gas.

As the ANU discovered, China’s ambition knows no bounds.

Middle powers need to be on the lookout

The strategic competition between China and the United States comes at a time when US presidential commitment to internationalism is dubious. Middle powers like Australia will have to do more to keep China checked.

Building security and trade alliances with nations like Vietnam, which has been in fierce territorial dispute with Beijing over the South China Sea and where the Prime Minister is visiting for a couple of days, is now considered critical.

Xi’s China, too often unconstrained by international norms and expectations, has exercised coercion, often economic, in a bid to bend others to its ways — especially in the Asia-Pacific.

Scott Morrison is clear-eyed about the challenge and opportunities for Australia in China’s astonishing rise — in mineral resources, its education, investment and research cooperation.

“Why would we want to contain China’s growth? That would be a bit of a numpty thing to do,” the Prime Minister told David Koch in an interview broadcast this week.

But this does not mean he’ll stop insisting Beijing shows greater regard for other people’s property, territory and systems.

“Having achieved that critical mass of economic performance, the rules that apply to all of us, the United States, have got to apply to China as well,” he said.

“And the rules-based order where it comes to how technology is handled, how partnerships are formed, how payments are made … how you reduce emissions, for example, I mean we should all be subject to the same rules now.”

He hasn’t arrived at this position overnight. Mr Morrison co-signed the ban on Huawei’s involvement in 5G last year when he was treasurer.

Australia’s interests are best served by observance of established rules and norms. That’s not a debating point, but a fact.

Ensuring China lives by them is a whole other matter.

It won’t. Containing its rise is the only way. Thankfully, its own internal contradictions will do that for us over time.

Comments

  1. “The cyber assault was highly sophisticated, conducted by so-called “spear-phishing” malware that didn’t require anything to be clicked on or opened.”

    Sounds fishy. How was the ANU attacked then?
    Spear fishing involves selecting a target to open something.

    • Our universities are literally crawling with “inside men”. Not enough ASIO officers to monitor them all…too focussed on the religious crazies…

    • yeah it’s b.s. inadequate spam filters, inadequate firewalling, lax passwords and a complete lack of security awareness would all be in play here. emails require interaction to become effective. If nobody had to click on anything then it’s a simple lack of basic security. If someone had to click on something, that should still be a _long_ way from 200,000 records being harvested. What was the escalation path to the data? it all points to a complete lack of security around the data in question. ANU IT have total ownership of this breach.

      • sigh. I forgot about James Bond level operatives. They probably had a usb drive they dropped on the ground outside ANU then it was picked up by incel guy. Along with some pr0n for entertainment of said incel, it had a start up script that cracked the windows administrator password then the root password on their linux db cluster, found then downloaded the databases based on their name and then ejected itself, walked outside and was picked back up by the agent.

      • hey bda2206 – sounds like you know a bit about this stuff. How highly (or lowly) do you rate something like Salesforce for securing its customers’ data? Asking for a friend.

      • GG, google is the best way to check these things
        https://trust.salesforce.com/en/security/security-advisories/ .
        from a cursory inspection, they’ve had a couple of problems but seemingly handled well. I’d prefer they outage than leak data. (vulnerabilities – the email scams happen to everyone)
        nothing like what facebook shows up.. lol
        googled salesforce security breaches, and facebook security breaches

        but also it depends on the people using it to enforce good security.. password complexity and uniqueness.. etc.

        https://nakedsecurity.sophos.com/2016/08/18/nists-new-password-rules-what-you-need-to-know/

    • reusachtige

      “Hey darling incel IT boy with top level university access, let’s go enjoy some cross relations and whisper sweet nothings in each other’s ears”

      • Close enough – ANU replaced Schmidt with pro-China Julie Bishop, who tried to hush up the $450,000 she got from the Chinese in her “Julie Bishop Glorious Foundation”

      • Julie Bishop started out as having a promising role in politics, and managed to turn herself into an A-grade political whore. And she thinks she’s some kind of celebrity to boot.

  2. That’ll learn’m good!
    Seriously why is it that second rate network operation and third world network engineering are the norm in Australia?
    There are proper ways to build air-gapped networks and proper ways to operate these networks to ensure data security, but hey F-it we’re in Australia and everything is sunshine and lollipops, until that nasty Chinese boogie man steals “the precious”.

    Grow up Australia!

    • Even Steven

      Agree with the naivety and foolishness of Australians… but I don’t agree with downplaying the insidious role of Chinese state sponsored cyber attacks by sarcastically referring to it as a ‘boogie man’.

      The boogie man is real.

      Lay the blame on the man whose house has been invaded because he didn’t put on enough padlocks? Or on the intruder?

      • The Intruder’s job is to Intrude.
        Now you may not agree with State sponsored intrusion and in an ideal world it wouldn’t happen but in a real world it does happen.
        So you need to ask yourself: Is your security optimized for the real world or some idealized world?
        Whose fault is it if you get the answer wrong?

    • When you consider that who knows how many “security” appliances have back doors built in by their country of origin’s security apparatus or Dog knows who else (and I’m thinking of the Juniper/NetScreen – NSA revelations of a number of years ago as a case in point), how do you ever build an actually secure connection to ye olde internet without first reverse engineering the firmware of your firewall? As you say, an air gap is about the only way to achieve a truly secure network, but then your utility and convenience go out the window…

      • The data is either worth protecting or it’s not
        the idea that your data is a little bit safe belongs in the same logic bucket as being a little bit pregnant.
        If the data is truly valuable then you protect it appropriately and you make it your business to understand what backdoors you are potentially opening by using this or that product.
        Otherwise all you’re really saying is: I’m a F’ing lazy yobbo who hopes that other net citizens (all of them even the Nigerian scammers) respect my privacy signs….good luck with that strategy!
        Sure there are elements of State sponsored hacking (cyber terrorism etc) in this case which is something newish, and those that want to be shocked will be shocked nay appalled etc especially given that China is behind this etc …but that said it’s not new just the newest way that one of the world’s oldest games is being played.

    • I don’t know about ANU, but most Australian businesses outsource to companies that offshore their IT to India.
      The lowest bidder is rarely the most competent, but hey! we saved money (in the short term).

      • even if you chose a local provider, I know multiple Australian-based MSPs are using this https://www.continuum.net/ which is 1000 Indian techies suddenly have remote access to your servers. I doubt this is advertised in any agreements.

    • @fisho. Because first rate skills are eagerly sought at proper remuneration overseas, whereas we pay peanuts and think that Indian IT skill is fully fungible with Australian IT skill

  3. Some 85% of US CEOs I think it was in China said that they won’t be there in the next few years. Couple that with Foxconn maybe leaving etc and I would say the Chinese gov will be very worried about the possible millions of job losses and an uprising of angry local Chinese. That’s their biggest threat, not us.

  4. With a bit of luck they hacked Dr Demography’s ANU account and China is now adopting extreme population growth policies that will bury their attempts to rise from middle income status FOREVER!

    Someone should warn the Chinese that hacking our universities is likely to introduce some bizarre intellectual viruses back home that they will find impossible to eradicate once established in the middle class tea sipping circles of the vibrant inner suburbs of their major cities.

    • >> China is believed to have been the culprit.<<

      How does the above quote from the text equate with China did it?
      What if Putin did it, or Kim Young or Asad?
      Why not local fatso?
      Or the one from EnZed? Maybe You Es?

  5. If anyone is shocked by Brian Schmidt’s observations they reveal themselves to be blind and stupid.

    The rise of a zombie-like Chinese nationalism has been coupled with our lack of enthusiasm for defending western values and the prostitution of public institutions for financial gain. A sleepwalking radical Left and morbidly ineffectual ALP has allowed the LNP to hollow us out as a society as it has followed the money like a crotch-sniffing dog.

    This is a crisis mostly because we have lost a sense of our own values. China will not reform and liberalise. Anyone not aware of the danger it poses in a strategy to control its diaspora is not really interested in reality or Australia.

    People like Dan Andrews and Paul Keating who want the China tempo to increase do so because they exist in an ideological yesteryear where China was supposed to liberalise after a BBQ or two. It hasn’t. Now they want the short term cash whilst looking the other way as the truth does not fit their narrative and legacy. To hell with Hong Kong, hey? Stuff Tibet. Let’s have identity politics debates and ignore the re-education camps, surveillance state, political interference and spying.

    If our leaders were actually leaders they would be planning for a life without China. Looking to South America and reforming the western bloc based upon common values and developing new industries and economies would be good for all concerned. China can only ever reform from within and the west has given it no reason to do so.

    That Morrison wants the China bubble to continue tells us everything we need to know about the integrity of such a position.

    • Mate it cuts both ways, all are guilty of the same sins ….. the only thing is who set the table at onset and the reasons for it and what underpins it all – with the historical backdrop in toto illuminating it.

  6. It would be remiss of me if I didn’t point out that the ANU’s Chief Information Security Officer is Suthagar Seevaratnam. https://au.linkedin.com/in/suthagarseevaratnam

    He has an economics degree and a masters in commerce, and a career as a manager and management consultant from 2000-2016. No technical or cyber security background.

    I really don’t know what to say. Well, I do but I won’t. It’s pointless.

  7. “And the rules-based order where it comes to how technology is handled, how partnerships are formed, how payments are made … how you reduce emissions, for example, I mean we should all be subject to the same rules now.”
    Rules based orders are meant for the naive. The Yanks stole or coerced technology, practices and products from the British, the British from the Chinese and Indians, the Europeans from all the new continents, admittedly mostly but not exclusively, business/individuals from business/artisan/cottage industry, instead of Gov.Inc. Australia reducing emissions. LOL. The US does not recognize the International Court in the Hague. Has a history in covert operations to bring down even democratically elected governments. Imposed the USD as an international currency instead of adopting the Bancor, suggested by Keynes at Bretton Woods. But if you must have a hegemonic power, and maybe rules to constrain hegemony should be the rules we live by, then one you recognize is preferable to one you don’t understand.

  8. Yep, at work we’ve been tracking these threat actors. Not the first time, they are targeting major universities in Australia.

  9. “China is believed to be the culprit”
    Did they find those WMD that Iraq was “believed” to possess yet?

    • +1.
      It is nearly impossible to prove who made any particular hack and any semi-competent party will go out of their way to make it look like someone else did it.