Alex Joske,a China researcher for the Australian Strategic Policy Institute’s International Cyber Policy Centre,said the cyber attack was a major wake-up call.
“ANU has involvement in important Australian government projects. This hack might have been aiming to steal information for commercial gain or for strategic or technological gain for the Chinese military,” Mr Joske said.
“There has been a lack of caution on the part of Australian universities in their dealings with China. Australian universities need to keep working closely with the Australian government on cyber policy.”
The attack raises questions about China’s compliance with an agreement Beijing struck with the Turnbull government in April last year. The two countries promised not to hack one another for the purposes of stealing intellectual property,trade secrets or confidential information.
The accord,which was signed after Prime Minister Malcolm Turnbull raised cybertheft directly with Chinese Premier Li Keqiang,includes a mechanism for raising issues and incidents that could cause problems between the two countries.
The Turnbull government has been considering the role of government agencies such as the Australian Signals Directorate in protecting the nation's critical infrastructure. It is understood to be looking closely at Britain's National Cyber Security Centre,which plays an active role in blocking cyber attacks on organisations outside the British government.
Experts such as Dorothy Denning,a Professor of Defence Analysis at the US Naval Postgraduate School,have claimed that China has used hackers to steal “more secrets from businesses and governments than any other country”.
In 2015,it was revealed that hackers directed by a foreign government had infiltrated the Australian Bureau of Meteorology's IT system using malicious software,known as “malware”. The intrusion led to the theft of information and potentially compromised the computer systems of other government agencies. Experts also blamed China for this attack.
A statement from the Minister for Law Enforcement and Cyber Security,Angus Taylor,said the Australian Cyber Security Centre had been working with the university for several months"to provide support on this matter".
"The Australian Government condemns any malicious activity that targets Australians and Australian networks.
"We know that nation states and criminal groups actively target research and tertiary institutions to steal the intellectual property of hardworking Australians."
Mr Taylor said"malicious cyber activity against Australia’s national interests,whether from criminal syndicates or foreign states,is increasing in frequency,sophistication and severity,and the Australian Government’s highest priority is ensuring Australians are safe and our interests are secure.”
Chinese hackers have previously been blamed for the Titan Rain cyber attacks in the US which involved the theft of sensitive defence information from private and public agencies. The number of cyber attacks dropped after the US and Chinese governments agreed in 2015 to stop government sponsored cyber hacking of commercial secrets.
President Donald Trump has also accused China of using hackers to steal US intellectual property.
In October,there were calls from Australian cyber-security experts for the Australian government to"name and shame"countries behind state-sponsored hacking after a major breach of a defence subcontractor.
Thirty gigabytes of unclassified but commercially sensitive data were stolen by hackers who accessed the systems of a Department of Defence subcontractor with lacklustre security protocols. The data included information about the $14 billion Joint Strike Fighter program,Australia's next fleet of spy planes and several of its naval warships.
While the Australian government did not blame any country for the attack,a senior cyber-security official suggested it was carried out by state-sponsored hackers and that a tool popular with Chinese hackers was used to execute the breach.