According to this article, hackers responsible for cracking the Australian National University’s network focused on student information and were so sophisticated that experienced security experts were shocked. ANU vice-chancellor Brian Schmidt has described it as a “diamond heist”.
In 2018 it took just 16 minutes for the first click to occur on a phishing email. As such, it is worrying that in 2019, that timeframe has not lengthened at all. Whilst advanced privileged access management systems and two factor authentication may be used correctly by organisations, newly developed infected emails can still pass the defence line and enter a network. With this in mind, it is important that identity and access management systems and processes are current, with the fast moving nature of these hacks, it is vital organisations keep up. This is particularly in the case of higher education institution which are at risk as a result of maintaining old computers and old systems that house significant amounts of valuable personal data which can be sold on the black market.