Country behind cyber attack on ANU unlikely to be named, analyst says

The sophisticated cyber attack, which occurred in late 2018, was publicly revealed in mid-2019 after Vice-Chancellor Brian Schmidt emailed students and staff about the breach.

Australia's top domestic intelligence official confirmed earlier this year a country was behind it but would not be publicly named.

Australian Strategic Policy Institute cyber policy analyst Bart Hogeveen believed it was unlikely the country would ever be named as there presented no benefit for diplomacy or the public.

It comes as a coalition of western nations, including Australia, banded together to call out China for its involvement in a cyber attack on US tech company Microsoft earlier this year.

It's alleged China's Ministry of State Security hired criminal hackers to undertake the exploits, which the coalition claims has opened the door for cyber criminals around the world.

China has firmly denied the allegations.

While the public attribution of China's involvement in the cyber attack marks a shift in the recent approach, Mr Hogeveen said the tense relations between the two countries meant it wasn't a top priority.

"Should that relationship change dramatically, positively, over the next couple of years, that might open up room for disclosure at some point," he said.

"But to be honest, I don't see that happening anytime soon."

A spokesperson for the Australian National University said it had not been told which country was responsible for the attack.

"ANU is not able to attribute the attack and the university has not been told who was behind the attack," the spokesperson said.

"Attribution for attacks of this nature are for the Australian Government and relevant government agencies.

"We've published a comprehensive, in-depth and publicly available report on what we can disclose about the breach so that everyone can learn from our experiences."

A spokesperson for the Australian Security Intelligence Organisation said it would only name the attacker when it was in Australia's interest.

"Australia publicly attributes cyber incidents when it is in our interests to do so, especially those incidents with the potential to undermine global economic growth, national security and international stability," the spokesperson said.

"Any future attribution of the 2018 compromise of the ANU would take these considerations into account."

READ MORE:

ASIO boss Mike Burgess told senators in March he was aware of the country behind the attack.

"I do know who was behind it but I would not say that publicly," Mr Burgess said.

"There's not just one country that we should be concerned about ... one country in particular is highly active but they're not alone in that endeavour."

Mr Burgess would not publicly name the countries he was referring to but said it wasn't a small group.

"It's way more than one but it's less than 10, in terms of countries we currently worry about but that can change," Mr Burgess said.

Home Affairs officials earlier refused to be drawn on questioning confirming who was behind the university attack.

Liberal senator James Paterson referred to a report by the Sydney Morning Herald naming China, and citing senior intelligence sources, but deputy secretary Marc Ablong said it wasn't sufficient evidence.

"Just because it's reported in the paper ... doesn't necessarily mean that we can prove anything," Mr Ablong said.

"You need to be more than certain that you know who the actor is before you name them, because there are consequences for naming, not just for the actor involved, but for the country that does the naming.

"We take it very seriously. We try and identify it to the maximum extent we can."

Our journalists work hard to provide local, up-to-date news to the community. This is how you can continue to access our trusted content: