Applications for the CyberCX Academy: All-Women Cohort are now open →

Cyber Intel Report | October 2020

Higher Education Industry Threat Report

Foreign Governments Targeting Future Australian Government and Private Sector Leaders

State-sponsored actors with strategic interest in Australia are known to target Australian universities to facilitate espionage and geopolitical objectives. In some instances when the theft of personally identifying information (PII) from Australian universities has been orchestrated by non-financially motivated actors, it is possible the actors’ intent was to facilitate human intelligence (HUMINT) collection both in terms of reconnaissance of future insiders and monitoring foreign students.

Access to the PII contained by universities can enable espionage-focused actors to groom or coerce current or future government, defence and intelligence employees into acting as insider threats. PII obtained from Australian universities through cyber-attacks can be used to inform targeting for HUMINT recruitment of current and future employees of Australian government, defence and intelligence organisations. For example, this information could be used to identify and/or build intelligence profiles of people who are current or likely future employees of these organisations. An adversary could then use these profiles to select targets with whom they can attempt to build exploitable relationships.


ANU Cyber Attack

Public reporting suggests that the late-2018 cyber-attack against the Australian National University (ANU) was conducted by state-sponsored or state-based actor with strategic interest in Australia, whose intention was to collect intelligence on current and future government, defence and intelligence employees*.


*https://www.canberratimes.com.au/story/6202000/anu-breach-a-risk-for-security-officials-as-china-becomes-key-suspect/

Request full report

The CyberCX Cyber Intelligence team published the Australian Higher Education threat report as part of a suite of periodic industry-specific reports. These reports present focused and highly contextualised information that are intended to be used by organisational decision makers.
To request access to full reports including industry-specific recommendations, please complete the form.

Back to Resources



Ready to get started?

Find out how CyberCX can help your organisation manage risk, respond to incidents and build cyber resilience.