[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Email based attack on University

On Wed, 2 Oct 2019, at 10:03, Keith Bainbridge wrote:

> Details are at
> https://www.abc.net.au/news/2019-10-02/anu-cyber-hack-how-personal-information-got-out/11550578
> https://www.abc.net.au/news/2019-10-02/the-sophisticated-anu-hack-that-compromised-private-details/11566540

It seems to me that everything follows from whatever access the initial 'unclicked email' malware
gave to the hackers.

But how can malware jump from an email that's not "clicked", into some part of the university's 

Unless... the email was being viewed via a webmail system running on a server not owned by the

Then... is this just malware of the sort that any website could deliver to any visitor? 

Even if it was, one might expect the viewer to have been using a desktop PC of some sort, with - 
surely - whatever anti-malware software the university deems appropriate for their PCs?

Or... do all their staff use a mish-mash of personal devices, and those don't have to have any 
anti-malware apps on them?

Jeremy Nicoll - my opinions are my own.

Reply to: