Australia's top domestic intelligence official has said he's aware of the culprit behind a serious cyber crime attack against the Australian National University but won't publicly reveal further information.
A Parliamentary committee into national security risks affecting the country's university sector has heard the domestic spy agency is aware of the actor behind a sophisticated cyber hack against the Australian National University, which exposed the personal details of students and staff.
Committee chair Senator James Paterson asked Australian Security Intelligence Organisation director-general Mike Burgess if the agency had identified the advanced persistent threat actor behind the 2018 attack.
"I do know who was behind it but I would not say that publicly," Mr Burgess said on Thursday afternoon.
"There's not just one country that we should be concerned about ... one country in particular is highly active but they're not alone in that endeavour."
Mr Burgess would not publicly name the countries he was referring to but said it wasn't a small group.
"It's way more than one but it's less than 10, in terms of countries we currently worry about but that can change," Mr Burgess said.
On Thursday morning, Home Affairs officials refused to be drawn on questioning confirming who was behind the university attack.
Senator Paterson referred to a report by the Sydney Morning Herald naming China, and citing senior intelligence sources, but deputy secretary Marc Ablong said it wasn't sufficient evidence.
"Just because it's reported in the paper ... doesn't necessarily mean that we can prove anything," Mr Ablong said.
"You need to be more than certain that you know who the actor is before you name them, because there are consequences for naming, not just for the actor involved, but for the country that does the naming.
"We take it very seriously. We try and identify it to the maximum extent we can."
The attack on the Canberra university came to light after Vice-Chancellor Brian Schmidt told staff and students in an email sent in May 2019.
"We're working closely with Australian government security agencies and industry security partners to investigate further," Dr Schmidt wrote.
"We have no evidence that research work has been affected.
"The systems that store credit card details, travel information, medical records, police checks, workers' compensation, vehicle registration numbers and some performance records have not been affected."
Data that was accessed in the breach, included the names, addresses, phone numbers, email addresses, tax-file numbers, payroll information, bank account details, passports and academic records of students and staff members.
A university spokesperson said the data had been copied but not altered.