Cyber Intel Report  |  October 2020

Higher Education Industry Threat Report

Foreign Governments Targeting Future Australian Government and Private Sector Leaders

State-sponsored actors with strategic interest in Australia are known to target Australian universities to facilitate espionage and geopolitical objectives. In some instances when the theft of personally identifying information (PII) from Australian universities has been orchestrated by non-financially motivated actors, it is possible the actors’ intent was to facilitate human intelligence (HUMINT) collection both in terms of reconnaissance of future insiders and monitoring foreign students.

Access to the PII contained by universities can enable espionage-focused actors to groom or coerce current or future government, defence and intelligence employees into acting as insider threats. PII obtained from Australian universities through cyber-attacks can be used to inform targeting for HUMINT recruitment of current and future employees of Australian government, defence and intelligence organisations. For example, this information could be used to identify and/or build intelligence profiles of people who are current or likely future employees of these organisations. An adversary could then use these profiles to select targets with whom they can attempt to build exploitable relationships.

ANU Cyber Attack

Public reporting suggests that the late-2018 cyber-attack against the Australian National University (ANU) was conducted by state-sponsored or state-based actor with strategic interest in Australia, whose intention was to collect intelligence on current and future government, defence and intelligence employees*.