It is essential to know about the Cyber Security attacks in Australia that gave nightmares to Australian businesses, to understand its severe impact. As per surveys, 1 out of 10 Australian companies are victims of a cyber-attack, and there is a ransomware attack in Australia every 14 seconds. Seeing the seriousness of the impact, Australian organisations need to guard their security systems as a high priority for preventing further cyber-attacks.
The last two years saw a massive rise in cyber-attacks as businesses switched to the online work formats, and remote work modules got the limelight. While shifting their base online, the businesses didn’t invest much in the safety and protection of their systems, They might have not thought that cybercriminals were quite active during the COVID-19 pandemic, and in search of businesses whose IT systems could be easily hacked.
Adapting to online formats also gave little time to employees to take care of the security risks and many fell victim to email phishing, which was one of the key sources for hackers to attack organisations.
What is a Cyber-attack?
Cyber-attack is an unauthorized breach of sensitive data to demand money, create a nuisance, damage reputation, etc. Data breaches are carried out by cybercriminals, who are professional unethical hackers. Some actors can be local, some belonging to a big group while some are state or country-sponsored hackers employed to damage the reputation of a country or business by conducting cyber-attacks.
To fight cyber security attacks, it is essential to understand the top cyber security threats affecting Australian businesses:
Top Cyber security threats affecting Australian businesses
It is leading the types of cyber security threats, affecting Australian businesses. Ransomware is malicious software used by cybercriminals to either encrypt sensitive company data or lock users out of their computer systems. The thief will keep your data as a hostage until you pay a ransom to recover it. According to a recent data report, 48% of Australian businesses were targeted by ransomware attacks in 2017. Also, each attack cost businesses an average of AU$822,251.
2) Email & SMS scams, phishing
Email and SMS scams are next on the list, with people lured into clicking on SMS messages or e-mails that are engineered to look like authentic ones. They use authority, curiosity, excitement, lucrative deals, and fear of customers to trick them into clicking on them. These emails also instilled malware, and Trojan viruses into the company’s systems and caused severe damage.
3) Malware and viruses
Malware and viruses are shared by hackers via unsafe websites that are not secured with an SSL certificate. To overcome this, we advice the use of only HTTPS websites that are encrypted, unlike the HTTP ones, thus preventing any breach of data. Using a good anti-virus is recommended. Do not use connectors, pen drives, and hard disks unless they are scanned before accessing your system. Do not connect these external devices to laptops without an anti-virus or computer systems at offices, internet cafes, libraries, etc.
4) Social media hacking
Lockdown promoted social media hacking. Many people got a little extra time during lockdown to showcase their passions from the comfort of their homes. Social media handles like Instagram, LinkedIn, Facebook, Twitter, and other creators’ apps, etc. acted as a platform. With more people creating social media accounts, there were increased instances of social media account hacking. The hackers got a direct and free platform to exploit people. Two-factor authentication or Multi-factor authentication is recommended to secure your social media accounts from hacking.
5) Quantum technology
Though it is considered the technology of the future, cybercriminals are collecting encrypting data to be able to hack quantum technology too. So, global IT giants must work with cyber security cells and the government to prepare a secure framework while developing this technology that will have a long shelf-life.
6) Internet service providers
Internet service providers are another source of cyber threats, as every network provider will have a different level of security. The ones with less severe security will be prone to attacks.
Employees are the soft targets used by cyber thieves to gate crash a company’s computer network. It is easy to lure office staff with socially-engineered emails inviting them to click on them. It is essential to provide training to employees against possible cyber attacks, sources used by hackers, and all the terms that come under cyber security. Awareness and safety precautions on an individual level will contribute to the overall computer security of the Company.
8) Supply chain attacks
The supply chain attacks involve third-party that has access to the computer networks of a business. A lack of information security and cyber security measures taken on their part will compromise an organisation’s systems. Hence, companies must inform their third-party vendors about taking safety precautions against cyber attacks.
The COVID-19 pandemic had the world online on the internet most of the time. This increased the use of smartphones by users. The smartphone is a disruptive innovation, promoting cybercrime. Internet consumption increased during this period. Hacking smartphones is easy, as users can be lured into buying or downloading any mobile app with some monetary benefits. Financial scams were frequent, as people used online payment apps and UPI systems, which were easy targets.
A lack of security in smartphone systems further compromised data. Online games were another source of breach and hacking. Families were on shared networks and surfed web content that further promoted attacks. Both Android and iOS operating systems were compromised. The cyber security intelligence bureaus informed that major attacks were an outcome of a lack of security measures adoption. People didn’t use the basic anti-virus or spyware protection during the lockdown.
Top Cyber Security attacks in Australia
From the cyber-attack trends in Australia, it has been found that Australia’s health sector has been targeted by cybercriminals. We have also shared some noteworthy attacks in the health sector of Australia in this article. During the last 2 years, the health sector boomed, owing to the COVID-19 pandemic.
1) Red Cross data breach (2016)
In 2016, Red Cross Blood Service saw one of the biggest data breaches in Australia. Information of about 1.28 million donors recorded from 2010 onward was stolen from the servers. A 1.74 GB file was stolen and had all the information of donors, including name, age, gender, address, etc. The entire data was posted on a public website. It was identified with the help of an IP address scan, which was specially built to trace private stolen information posted on public platforms.
2) Canva (May 2019)
It is one of the biggest data breaches of 2019 that affected 137 million Canva users. Hacked by a cyber threat actor recognized as Ghosticplayers, the attack compromised personal information, country, encrypted password, email address, and partial payment information of users. Canva stopped the cyber-attack immediately after noticing some malicious activity
3) Australian National University (ANU) Cyber-attack (2018)
The Australian National University (ANU) witnessed a cyber-attack in 2018 that left even the cyber security experts puzzled. The data breach was conducted in four stages of a phishing campaign until they were able to hack the University’s Enterprise Systems Domain (ESD). The domain contained the sensitive data of the university. Information dating back to 19 years ago was stolen and included name, address, bank account details, emergency contact info, date of birth, tax file numbers, and the academic results of students.
4) Melbourne Heart Group Data breach (2019)
A Cardiology specialist unit from Cabrini Hospital called Melbourne Heart Group faced a ransomware attack. Locked out of their systems for almost three weeks, sensitive data of 15,000 patients was held hostage until a bitcoin ransom was paid by the hospital. Patient data and medical reports were compromised during the attack. The authorities informed that sensitive data was compromised, and not all files were recovered after the ransom was paid.
5) Australian Parliament House (2019)
The networks of the Australian Parliament House were hacked by a nation-state criminal group. China was speculated to be responsible for the attack, as a response to Scott Morrison banning Huawei and ZTE equipment from Australia’s 5G network.
Though the attack resulted in some data loss, none was classified as ‘sensitive’ as per the head of the Australian Signals Directorate (ASD) Mike Burgess.
“There was a small amount of data taken; none of that was deemed sensitive, but the assessment of that is a matter for the parliament themselves,” Mike shared at the Foreign Affairs, Defence, and Trade Legislation Committee on April 5, 2019.
The cybercriminals used phishing methods to steal employee credentials to enter the government’s network. This cyber-attack took place on an infected external website visited by a small number of parliament staff.
6) Tasmanian Ambulance Data Breach (January 2021)
Outdated radio technology was considered responsible for the data breach of the Tasmanian Ambulance which impacted every person who requested an ambulance during the span of Nov 2020 to Jan 2021. Cybercriminals were able to hack the radio data and converted it to text and posted it online. The stolen data included Gender, Age, HIV status, and Address of each emergency incident.
7) Western Australian Parliament Data Breach (2021)
The email network of the Western Australian Parliament was attacked by cybercriminals on 4th March 2021, as a part of the massive global attacks involving the Microsoft software. As per the investigation, no sensitive information was leaked, and the servers were back by the next morning. The forensic audit found that there was no data leak.
On 3rd and 9th March, the Australian Cyber Security Centre (ACSC) published an alert on its website urging organisations using Microsoft Exchange to urgently patch several vulnerabilities.
The ACSC further went on to publish a broader technical advisory warning on 11th March 2021 urging all businesses and organisations, using Microsoft Exchange products, to urgently patch their software, after it was compromised by cyber-attacks. Though the Federal Government hasn’t publicly identified any business or organization hit by the hack, thousands of Australian servers are believed to have been affected by the cyber-attack.
8) Northern Territory COVID-19 Check-in App Hack (February 2021)
In February 2021, a Covid-19 check-in app was hacked in the Northern Territory leaking 4400 emails including personal and business. The Head of the COVID-19 hazard management unit, Sue Hawes informed that the breach of data was caused by an unintentional error. During the launch of the app, NT residents were told that only health officials and IT support people will be able to access the collected data.
9) Service NSW Data Breach (April 2020)
In April 2020 Service NSW company from Australia became a victim of email phishing. Their 47 employee accounts were hacked. About 5 million documents were compromised in the series of attacks, and 10 per cent of sensitive data was hacked impacting 104,000 people. A lack of multi-factor authentication was held as the reason for this internet security breach.
10) Eastern Health Data attack
Eastern Health which operates 4 Melbourne hospitals, became a victim of a cyber data theft that led to the postponing of certain elective surgeries. No patient data was compromised as informed by the hospital officials. It was a suspected ransomware attack based on the information shared by ACSC that there has been an increase in ransomware attacks targeting the Australian health sector.
11) Transport NSW exposes driver’s licenses
More than 54,000 NSW drivers’ licenses were exposed in a data leak. The licenses were exposed on an open Amazon Web Services cloud storage service.
There were some high-profile cyberattacks that grabbed global headlines and demanded an urgency to implement strict internet security measures against future threats.
Small businesses prone to Cyber security threats in Australia
Small businesses in Australia have limited infrastructure and cannot afford to invest huge amounts in safeguarding the cyber security of their organization. This is one of the biggest reasons, they are more vulnerable to cyber threats. Secondly, there is a lack of organization among the various departments, and little knowledge on the employee level to take precautions against any foreseen attacks. Installing anti-virus software and switching on the firewall won’t always help.
Hackers have ways to enter your systems, like phishing emails that have a major share in the cyber-attacks seen in Australia. Employees need to be guided to not click on any suspicious or unknown link coming from an unknown source.
The socially engineered emails look so professional and instil emotions like curiosity, authority mandates, etc., that employees are fooled into clicking on them. But this is a trap, and the staff needs to be trained against them. The recently released 20 percent tax deduction could encourage small businesses to invest more in cyber security in the near future.
Small data breaches not acknowledged
Many small data breaches in Australia are not acknowledged because the Notifiable Data Breaches scheme (NDB) has minimum criteria to report a cyber-attack. Only businesses with an annual turnover of over $3 million are eligible under this scheme. This is a security drawback and measures need to be taken to include small enterprises irrespective of their turnover, and ‘Cyber Security for all’ should be followed.
Basic cyber security steps for small businesses
Understanding the possible cyber threats based on market-specific research is essential to secure businesses against any cyber breach of data. Adoption of strict security measures and a robust strategy to promote cyber resilience is the need of the hour. Below listed are some basic security measures that can be adopted by businesses:
- Investment in Computer Security and hiring a professional Cyber Security Consultant to safeguard their company’s systems.
- Train employees about Cyber Security and provide them guidelines on preventing any data breach on an individual level.
- Do not hide any attack with the fear of reputation loss.
- Use cloud networks to backup company data.
- Provide limited access to authorities when it comes to sensitive data.
- Change passwords after an employee has resigned from the organization.
- Do not allow third-party data drives to be connected to the Company systems.
- Use a shared network like SharePoint to access information across various departments.
- Use a good anti-virus and spyware.
- Do not share login credentials with anyone.
- Do not leave your systems unlocked when not working.
- Remote desktop protocol implementation is a must for online work formats.
Australian Cyber Security Centre
The Australian Cyber Security Centre (ACSC) within the Australian Signals Directorate (ASD) leads the Australian Government’s efforts on national cyber security.
In the light of the Russian-Ukraine war, world governments and businesses are at risk. The cyber-attack risk on Australian networks has increased either directly or indirectly. While ACS has not identified any threat currently, it has urged Australian businesses to adopt an enhanced security posture to prevent future cyber data breaches.
Organisations are requested to check all the information released on cyber threats and mitigations relevant to their network. This will make businesses and their employees aware of the possible threats, and they will be able to spot them and inform the IT department in case of any future occurrence.
According to ACSC, Investing in preventative cyber security measures, such as keeping regular offline backups of business-critical data and patching known security vulnerabilities, is more cost-effective than the comparative costs incurred when attempting to recover from a ransomware incident.
In Australia, the State and Federal Legislature criminalise unauthorised access to computer networks of an organisation that compromises its privacy. There is strict Criminal Procedure and Force (law), especially after the massive rise in ransomware attacks. The Criminal Code Act 1995 (Cth) criminalises hacking. The various sections of the act have criminal charges against different types of attacks.
Malware infection of IT systems is charged by the 478.3 section of the code and can cause a maximum two-year jail to the suspect. Further, the sale of tools like hardware and software used for cybercrime is charged under the 478.4 section of the code, while only possession comes under 478.4, and both can amount to three years of imprisonment. Electronic theft is charged under 478.1.
The government and law of Australia have severed sanctions (law) against ransomware. Hackers will face 25 years of jail if convicted of a ransomware attack.
Mitigation and ACSC guidelines to stay secure
The ACSC recommends that organisations urgently adopt an enhanced cyber security posture. This should include reviewing and enhancing detection, mitigation, and response measures. It has asked businesses to take below on priority:
1) Patch applications and devices
2) Implement mitigations against phishing and spear-phishing attacks, vector (malware), computer worm, Trojan viruses, etc.
3) Ensure that logging and detection systems are completely updated and functioning.
4) Review incident response and business continuity plans.
What does the future hold when it comes to cyber-attacks?
With the development of technology, the cyber security threats, and the scope for hackers to tamper with data will also increase. Hence, continually monitoring and maintaining your organisation’s information security management systems is essential to promote security. Working with expert consultants and achieving cyber security and information security is the need currently as well as in the future.
Are Australians at a ‘turning point’ on cybersecurity?
With Australia ranking third in the world for the number of cyber-attacks witnessed in 2021, the Australian government has notified businesses to strengthen their cyber security frameworks. The Australian Cyber Security Centre as well as the government’s official site for cyber security is providing the latest updates and guidelines to prevent cyber threats.
What is the cost of cyber-attacks in Australia?
As of 2022, the total amount lost in scams is $72,231,217 of which the major share goes to the financial and dating scams. The other sectors include small businesses, health sectors, government, education, etc.
If your company’s data is held hostage, should you pay the ransom?
No! You must not pay the ransom and immediately inform the Cyber security department of the government of Australia. Paying the ransom doesn’t guarantee retrieval of data, but on the contrary, might give the hacker a future opportunity to hack your systems again!
Who can I report a cybercrime?
You can report a cybercrime to the police through ReportCyber. Based on your location, the appropriate police jurisdiction will assess your report.
What are the basic security precautions one can take on an individual level?
Update software on your devices regularly, back up your data on the cloud networks and use a Multi-factor Authentication.
Where can I learn more about cyber security?
You can find a lot of information on the internet about Cyber Security. But if you want professional assistance, you can speak to our experts now by calling on 1300 802 163 or e-mail us at – firstname.lastname@example.org or enquire here.