‘Everyone’s a target’: Australia grapples with surge in cyberattacks

A spike in reported cyber breaches against government departments and businesses has raised fears about the nation’s capability to protect itself against escalating cyber threats.

MediSecure, an electronic prescriptions provider, revealed earlier this week that anonymous hackers had accessed customers’ Medicare data and doctors’ private information after a large-scale ransomware attack was launched against the company.

Less than 24 hours later, Western Sydney University publicly revealed about 7500 of its staff and students had their names, academic records and phone numbers illegally accessed in a cyber breach of its IT network.

Financial businesses and universities aren’t the only organisations becoming increasingly vulnerable to cyber crime. Of the fifteen data breaches reported by federal government departments to the Australian Information Commissioner since the start of 2024, five were identified as being malicious cyber activity.

According to Monash University cyber security professor Nigel Phair, there was no “playbook” as to who and what was most at risk.

“Everyone is a prime target because cyber criminals don’t really care. They are purely profit-driven. So they will look for the low-hanging fruit and they will go for it,” he said.

On Friday, Australia’s Cyber Security coordinator announced a hacker claiming to stolen data from the MediSecure breach had put it up for sale on the dark web.

Lieutenant General Michelle McGuinness said it was an “unwelcome development” and urged people to not go looking for the information online.

She said authorities believed a “relatively small group” had been affected.

“I am urgently working with relevant government agencies and relevant health industry bodies on ensuring that medical practitioners are advised of actions they need to take,” she said.

“We believe at this stage that this is a relatively small group that has been affected.”

The Australian Signals Directorate revealed in its annual cyber threat update that nearly 94,000 reports of cybercrime were made to police in 2022-23, an increase of 23 per cent from the previous year.

The cyber agency revealed China as a major backer of cyber attacks and hacking targeting Australian critical infrastructure and companies.

According to Professor Phair the US, Iran, China, North Korea, Russia and the Ukraine were among the top countries where cyber criminals operate and reside.

He said there was a “wide length and breadth” to the types of perpetrators who commit cyber crimes, ranging from an individual using a discount laptop in a basement, to a sophisticated team of state-funded cyber actors in an office building.

“Because (Australia) is a rich jurisdiction they pick on us. All they’ve got to do is successfully get the money out of the organisation, invariably in some sort of crypto type form, and then launder it into a proper bank account,” Professor Phair said.

“Some of these jurisdictions [such as Russia] have impunity for cybercriminals so they can do what they want to an extent.”

The federal government released its seven-year cyber security strategy in November, which allocated $565m to help businesses report malicious intrusions and ransomware attacks.

But Professor Phair said medium-sized businesses such as MediSecure aren’t equipped in “any shape or form” to deal with their increasing vulnerability and said nowhere near enough was being done to help safeguard people’s personal data.

“They should be [prepared] but the reality is they are not - and when we look at what needs to be achieved in terms of cyber safety one of them is supporting small businesses. The reality is, something like 96 per cent of all businesses in Australia employ less than 19 people yet they are critical in the supply chain,” he said.

More than a week after the MediSecure cyber breach was first reported, the National Office of Cyber Security said it was “working closely” with the current national script provider eRx to improve its cyber defences.

The agency did not confirm if anyone affected by the ransomware attack had been contacted by authorities.

“The Australian Government is working to complete its assessment and will share more information about what has been impacted and what affected people may need to do to protect themselves once that assessment is complete,” a statement read.

Professor Phair said the government’s response to the e-script hack was “perplexing” and urged individuals and small businesses to backup their data and use multi-factor authentication.

“People just have to be hyper-vigilant all the time. They have to check their settings on social media and think about what they post, they have to make sure they enact long and strong passphrases on all their accounts. It’s just that real vigilance and doing the little things,” he said.

MediSecure has been contacted for comment