ANU Enterprise, the not-for-profit subsidiary of the Australian National University (ANU), has confirmed that it was the target of a ransomware attack. This confirmation follows the recent listing of ANU Enterprise on the dark web by the ThreeAM ransomware group, which claimed to have gained unauthorized access to the organization’s systems. Although the attackers stated that no data has been published thus far, the nature of the incident has raised significant concerns regarding data security and the potential implications for affected parties, particularly regarding the sensitive information that may have been compromised during the breach.
In an official statement, an ANU spokesperson confirmed that the ransomware incident led to the encryption and exfiltration of files stored on ANU Enterprise’s IT systems. Importantly, they emphasized that these systems operate independently from ANU’s main infrastructure, meaning that the university’s internal systems remained unaffected by the attack. This separation is crucial for maintaining the integrity and security of the broader university’s operations during such cybersecurity incidents, allowing ANU to continue its educational and research activities without interruption. The spokesperson reassured stakeholders that measures were in place to safeguard the university’s main operational systems while addressing the breach within the subsidiary.
Upon discovering the breach, ANU Enterprise took swift action by notifying the Australian Cyber Security Centre (ACSC) and initiating a collaborative response with the ANU Information Security team. This proactive approach was aimed at assessing the impact of the incident and restoring any affected systems. The spokesperson highlighted the university’s commitment to cybersecurity, stating, “The university takes cyber security and all reports of possible data breaches seriously,” reflecting a culture of vigilance and accountability in protecting sensitive information. They also noted that the organization is dedicated to safeguarding data across all areas of the institution, including its subsidiaries.
As investigations into the attack continue, ANU Enterprise has assured stakeholders that it has not paid any ransom to the perpetrators and is actively reviewing its security protocols to enhance its defenses against future incidents. The university plans to implement additional measures and best practices to bolster its cybersecurity posture in light of this attack. Meanwhile, the ThreeAM ransomware gang has yet to release any information regarding the alleged data exfiltration, leaving significant questions about the full extent of the attack unanswered. The situation underscores the growing threat posed by ransomware groups and highlights the importance of robust cybersecurity measures in protecting sensitive organizational data, especially in educational institutions that handle vast amounts of personal and research-related information.
Reference:
