IT Pro

UNSW confirms hacking breach

The University of NSW has been the target of a "concerted effort" to hack its systems in December and January forcing the shutdown of 25 of its servers, a spokesman confirmed.

Universities are being increasingly targeted by hackers who often want to get access to high-bandwidth university internet connections and use them to conduct further attacks.

UNSW.
UNSW. Photo: Tamara Dean

It comes as the Prime Minister, Julia Gillard, reportedly plans to raise a massive escalation in cyber attacks against government and industry as one of the two key security issues facing the nation in an address on Wednesday.

A spokesman for UNSW said it appeared multiple attackers began sniffing around its network around the beginning of the Christmas shutdown on December 19, with the first successful intrusion occurring on Christmas Day. That server was shut down on Boxing Day.

"Further attacks occurred in late December and early January, these were detected on January 3 and UNSW shut down 25 servers on January 5 as well as suspending a number of user accounts," the UNSW spokesman said.

The university said remediation and forensic investigations were under way and it had asked staff to change their email passwords. But it was still not sure of the motivation or the source behind the attacks.

"To date there is no indication that these hackers have succeeded in causing loss or damage to UNSW," the university's spokesman said.

The university said it had not yet informed the police of the incident.

"UNSW maintains regular contact with law enforcement agencies but we have not yet requested their involvement. We will make that assessment under advice once the investigation has progressed further."

This morning The Australian reported that Ms Gillard would use her speech on Wednesday to the Australian National University's National Security College in Canberra to outline Australia's national security objectives including the need to build defences against malicious cyber attacks which affect governments, businesses and the community.

A new draft defence white paper, according to a report today in The Australian Financial Review, warns an adversary could attempt to use cyber attacks on Australia's defence networks to bring down systems crucial to deploying troops to war.

The 20-year threat blueprint, scheduled to be released by the government in June, reportedly warns Defence's increasing reliance on smart weaponry and networked systems means troops risk being targeted by cyber attacks. Chinese and Russian hackers were already the source of thousands of cyber attacks on business and government systems in Australia, the US and Britain.

Australian defence agencies deal with hundreds of attacks per month.

Separately, last week Fairfax Media found that a hacker breached another UNSW server but the university described it as "low-risk".

A computer security consultant, who did not want to be named, said he had seen universities targeted a lot recently among his clients. Universities were mainly targeted because they have large high bandwidth internet connections that can be used to launch further attacks.

The consultant questioned whether hacked universities know when they've been targeted and what data was accessed or modified.

1 comment