Repeat hacks highlight Australia's cyber flaws / Photo: Muhammad FAROOQ - AFP
-
Slot says 'too early' for Liverpool title talk
-
Mayotte faces environment, biodiversity crisis after cyclone
-
Amorim says 'survival' aim for Man Utd after Wolves loss
-
Amorm says 'survival' aim for Man Utd after Wolves loss
-
Desertions spark panic, and pardons, in Ukraine's army
-
China sanctions US firms over Taiwan military support
-
Asian markets mostly rise but political turmoil holds Seoul back
-
N. Korean soldier captured in Russia-Ukraine war dies: Seoul
-
Huthis claim new attacks on Israel after strikes hit Yemen airport
-
World number six Rybakina makes winning start at United Cup
-
South Korean lawmakers impeach acting President Han Duck-soo
-
Israeli strikes hit Yemen airport as WHO chief prepares to leave
-
Swiatek not expecting WADA appeal over doping scandal
-
India lose five after Smith's heroics put Australia in charge of 4th Test
-
'Dangerous new era': climate change spurs disaster in 2024
-
Fritz motivated for Slam success after low-key off-season
-
Move over Mercedes: Chinese cars grab Mexican market share
-
Zverev aiming to challenge Sinner for top ranking
-
N. Korean soldier captured in Russia-Ukraine war: Seoul
-
Inspired Tsitsipas looking to 'refresh, regroup' in Australia
-
India announces state funeral for former PM Manmohan Singh
-
Seahawks edge Bears to boost NFL playoff hopes
-
Rohit out cheaply as Smith heroics put Australia in charge of 4th India Test
-
Thunder NBA win streak at nine as Shai ties career high with 45
-
India announces state funeral for ex-PM Manmohan Singh
-
Japan govt approves record budget for ageing population, defence
-
Japanese shares gain on weaker yen after Christmas break
-
Smith's 140 puts Australia in control of 4th Test against India
-
South Korea's acting president faces impeachment vote
-
Fleeing Myanmar, Rohingya refugees recall horror of war
-
Smith century puts Australia in control of 4th Test against India
-
Israeli strikes hit Yemen as Netanyahu fires warning
-
Peru ex-official denies running Congress prostitution ring
-
Australia's Smith reaches 34th Test century
-
NHL Red Wings fire Lalonde and name McLellan as head coach
-
InterContinental Hotels Group PLC Announces Transaction in Own Shares - December 27
-
Relief Therapeutics Provides Update on Potential Transaction with Renexxion
-
Australian bushfire burns area the size of Singapore
-
Injured Halep withdraws from Australian Open
-
Liverpool power seven points clear, Man Utd crash at Wolves
-
Two killed in treacherous Sydney-Hobart yacht race
-
Leaders Liverpool survive Leicester scare to go seven points clear
-
Membership of UK's anti-immigration Reform party surpasses Conservatives
-
US stocks take a breather, Asian bourses rise in post-Christmas trade
-
Two dead in treacherous Sydney-Hobart yacht race
-
Amorim warns of 'long journey' ahead for miserable Man Utd
-
Three dead, four injured in Norway bus accident
-
Russia missile suspected in Azerbaijani plane crash, Moscow warns against 'hypotheses'
-
Man Utd fall to Wolves as Fernandes sees red
-
Fernandes sent off as Man Utd crash at Wolves, troubled Man City held by Everton
NYSE - LSE
Repeat hacks highlight Australia's cyber flaws
Inadequate privacy safeguards and the stockpiling of sensitive customer information have made Australia a lucrative target in the eyes of foreign hackers, cybersecurity experts told AFP following a series of major data breaches.
Medibank, Australia's largest private health insurer, recently confirmed that hackers had accessed the data of 9.7 million current and former customers, including medical records related to drug abuse and pregnancy terminations.
Telecom company Optus fell prey to a data breach of similar scale in late September, during which the personal details of up to 9.8 million people were accessed.
Both incidents sit comfortably among the largest data breaches in Australian history.
Australian National University cybersecurity expert Thomas Haines said many companies had been hoarding personal data that they should not have been hanging on to.
"There was a famous line for a while: Data is the new oil," he told AFP.
"If data is the new oil, then we're living the era of the weekly oil spill."
Haines contrasted Australia's approach with that of the European Union, which in 2018 adopted sweeping privacy reforms limiting how organisations collect, use and store personal data.
"There have got to be incentives in place to stop companies hoarding data they don't need, or to penalise those companies for big leaks. Europe has done this," he said.
"At the moment the business incentives are basically along the lines of: Let's just keep a whole bunch of data."
Haines said Medibank appeared to be an exception, in that most of the sensitive information within its databases had been stored for good reason.
- Hacking 'for profit' -
Australia's comparatively weak safeguards against identity theft meant it was also easier to exploit stolen personal information, Haines said.
"All they need to know is your passport, your driver's licence and some other things -- and then I can start taking out loans in your name."
Haines said European countries such as Norway had much more stringent requirements involving face-to-face contact.
Dennis Desmond, a former FBI agent and US Defense Intelligence Agency officer, said most hackers were searching for particular types of data.
"For-profit hackers are going after healthcare data, they're going after identity data and credentials to access systems," he told AFP.
"There is a profit motivation there, otherwise they wouldn't be risking jail and prosecution."
The Medibank hackers this week started leaking stolen data to a dark web forum, after the company refused to pay a US$9.7 million (Aus$15 million) ransom.
The Optus breach led to the theft of customers' names, birth dates, and passport numbers.
- Russia blamed -
Australian Federal Police Commissioner Reece Kershaw on Friday blamed the Medibank cyberattack on a team of hackers based in Russia.
"We believe those responsible for the breach are in Russia," he told reporters.
"Our intelligence points to a group of loosely affiliated cyber criminals who are likely responsible for past significant breaches in countries across the world."
Medibank data leaked to the dark web so far has included hundreds of potentially-compromising medical records related to drug addiction, alcohol abuse and sexually-transmitted infections.
Home Affairs Minister Clare O'Neil conceded on Friday the country's cyber defences had not always been up to scratch.
University of Sydney data researcher Jane Andrew said one major flaw was that Australian companies were not always obliged to report data breaches.
"There are heaps of data breaches happening all the time that we don't hear anything about," she told AFP.
"Companies have been gathering data because it's seen to be valuable, without fully understanding the potential risks."
H.E.Young--AMWN
