Australia releases advice to counter ‘foreign interference’ after university cyber attacks

The Australian Government has published the “Guidelines to counter foreign interference in the Australian university sector” in response to recent targeted cyberattacks aimed at stealing research and intellectual property. 

Minister for Education, Dan Tehan, and Minister for Home Affairs, Peter Dutton, announced the new guidelines for universities on Thursday. 

The guidance is the result of the University Foreign Interference Taskforce launched in August over concerns that state-backed foreign organizations were attempting to interfere with the research agendas of Australian universities through funding deals and cyber attacks.  

Universities are to use the 44-page guidance document to mitigate the risks of foreign interference when collaborating with foreign entities. It defines foreign interference as efforts to alter a university’s research agenda, applying economic pressure, recruiting researchers, and hacking. 

"The Director-General of ASIO says foreign interference against Australia’s interests is at an unprecedented level that includes universities and the research sector," Dutton said.

Duncan Lewis, the now former head of ASIO, in September warned that espionage and foreign interference was “by far and away the most serious issue going forward” for Australia, ahead of terrorism. 

The Australian National University, based in Canberra, detailed a massive data breach that occurred in November 2018 after a senior staff member opened a spearphishing email loaded with malware. The breach was not detected until April 2019 and potentially exposed a database with 19 years worth of research records as well as personal information on staff.

According to ANU’s post-mortem of the incident, the attackers used custom-built malware and zero-day vulnerabilities to breach ANU’s Enterprise Systems Domain (ESD) network. 

China appears to be viewed as the major cyber threat to Australian universities, however Iran-based hackers have also been accused of hacking Australian research bodies and universities.  

The guidance doesn’t specify much in the way of technical cybersecurity measures that should be implemented by universities, but it does encourage cyber intelligence sharing between universities and with government bodies such as the Australian Cyber Security Centre, and treating cybersecurity as a “human” issue that requires a “positive security culture”. 

It also encourages universities to conduct threat-modeling to identify business risks and develop appropriate countermeasures; ensure universities have well understood incident response and reporting procedures in place; and ensure that staff and and students don’t have access to IT systems after they leave the university and face a higher risk of being exploited for foreign interference.   

An investigation ABC’s Four Corners published this month drew attention to a partnership between the University of New South Wales and Global Tone Communication (GTCOM), a Chinese Government owned data-mining company as potentially risky. UNSW claimed GTCOM had no influence on any of UNSW’s programs.     

The new guidance stresses the importance of universities conducting thorough due diligence before entering into partnerships, including interrogating the partner’s past activities and relationships with foreign governments and political parties. It also asks universities to get researchers to consider the potential for their research to become dual-use technologies. 

The paper details one case study in which an unnamed Australian university was approached by a foreign entity to participate in a research commercialization collaboration. The uni’s due diligence found that the foreign entity was publicly endorsed by a scientist who was “decorated for his contribution to advanced weapons systems in the foreign nation”. Top execs from the organization also had current roles in the nation’s defence and military technology industries. 

China’s Foreign Ministry spokesperson Geng Shuang responded to the new guidelines in his daily address in Beijing on Thursday, calling claims of Chinese infiltration into universities “pure hearsay”.  

“It is our hope that the Australian side will adhere to the principle of fairness, transparency and non-discrimination and ensure equal treatment in conducting external education cooperation,” said Geng. 

“I would also like to point out that the long-term cooperative relations between China and Australia in the education sector have greatly facilitated student exchange between the two countries, and contributed greatly to enhancing our peoples' mutual understanding.

“The so-called Chinese "infiltration" into Australian higher learning institutions is pure hearsay. We have repeatedly responded to that at our press conferences. We hope the relevant side could view bilateral exchange from an objective and rational perspective and work to enhance China-Australia friendship and mutual trust instead of politicizing normal exchange programs.”