China accused of stealing personal data from 200,000 university students in Australia to ‘blackmail them into becoming spies’
CHINA has been accused of stealing the personal data of 200,000 university students and staff in Australia to blackmail them into becoming spies.
Senior intelligence officials strongly suspect China of having orchestrated the attack, which targeted bank numbers, tax details, and academic records going back 19 years, the reported.
Authorities have described the attack as “sophisticated”, indicating it was almost certainly the work of a government as opposed to a criminal or political group.
China is one of the few countries thought to be capable of pulling off such a large hack, and officials are concerned that it intends to use the information to groom a new generation of spies.
The Australian National University (ANU) in Canberra, whose alumni include prime ministers, diplomats, and military leaders, revealed the attack on Tuesday.
Vice chancellor Brian Schmidt said the university had detected an “unauthorised access to significant amounts” of data.
He added that the breach had begun late last year but had only been detected a fortnight ago, meaning the hackers had access to the data for at least five months.
COLD WAR TACTICS
The breach comes after the Australian government’s elite spy agency last year helped the university improve its cyber defences.
It is thought Chinese intelligence services could have developed tactics used during the Cold War by the Soviet Union, who succeeded in recruiting future informants while they were still students.
The best known case is that of the Cambridge Five, a group of five British diplomats and spies who were found to being working for the Soviet Union having been recruited at the University of Cambridge.
BLACKMAIL IN THE SOVIET UNION
During the Cold War, the Soviet Union developed a strategy that became known as Kompromat, based on a phrase in Russian used to refer to “compromising material”.
The KGB and the Russian state would obtain information about Western insiders and then use it as leverage.
In 1956, British civil servant John Vassall was blackmailed into becoming an informer for the KGB after a honey trap operation in Moscow produced photographic evidence that he was gay, still illegal in Britain at the time.
A year later, a similar operation was conducted against American journalist Joseph Alsop, but instead of handing over information he wrote a piece detailing the incident and including a history of his sex life.
This attack is the latest in a series on Australian public bodies in recent years.
In February, MPs were told to reset their passwords amid fears of an attack on the parliamentary computing network, while 2015 and 2016 saw high-profile attacks on the government’s weather and statistics agencies.
COULD IT HAPPEN HERE?
The revelations could raise concerns about the vulnerability of British universities to similar attacks.
"The cyber security of British universities is a bit of a Curate’s egg. It’s good in parts, not so good in others,” said Professor Alan Woodward of the University of Surrey's Centre for Cyber Security.
“The main issue with universities is that they’re typically very open environments. They’re there to share research. They have a very collegiate atmosphere. That means they’re not easy to close down.
“Increasingly we’re seeing universities targeted because the intellectual property being created by their research can be very valuable once it’s out in the world, so the earlier hackers can get at it the better for them."
He added that China is very active in the world of cyber intelligence.
“It’s a great simplification, but China tends to focus on scooping up very large amounts of information.
“What it comes down to is if someone’s got the capability to disrupt your cyber network, that can have a huge impact on a society. It’s a bit like the old mutually assured destruction.
"At the moment we’re in the Cold War part, where it’s all about stealing information."
But he also said that organisations like universities tend to have systems in place to guard against attacks of the sort seen in Australia.
“Some universities are better than others at checking their networks regularly for unusual activity," he said.
MOST READ IN NEWS
"For a breach to go undiscovered for five months is very unusual today, because of the intrusion detection systems we have now that can raise a red flag.
“I like to think British universities are some of the best in the world on this, but there’s no such thing as an unhackable system."
We pay for your stories! Do you have a story for The Sun Online news team? Email us at [email protected] or call 0207 782 4368 . You can WhatsApp us on 07810 791 502. We pay for videos too. Click here to upload yours.