5 historic cyber attacks in Australia

Cyber attacks in Australia have become more common in recent years. According to the National Australia Bank, almost two-thirds (63 percent) of Australians experienced a cyber attack or data breach during the last 12 months.

As we become more dependent on digital technology for our daily operations, the risk of cybercrime grows. Just by clicking, logging in, or making a transaction, we expose ourselves to cyber threats that can lead to something worse. Just think about it: one day you wake up in the morning only to realise that your identity, your bank details or even sensitive business information has been stolen. For many Australians, this nightmare has become a reality.

Australia has experienced several major cyber attacks that have impacted millions of people and reshaped our approach to cybersecurity. In this blog post, we’ll cover five major cyber attacks in Australia, what happened, the lessons learned, and how to protect against future risks.

The Importance of Cybersecurity Against Cyber Attacks

Cybersecurity is essential for safeguarding sensitive data, including personal information, financial records, and intellectual property. A cyber attack can be serious because it can cause data breaches, financial loss and damage to a company’s reputation. 

Data breaches can be very expensive for businesses. IBM estimates that the average data breach cost in Australia in 2023 was about AUD 4.5 million. This amount includes expenses like notifying affected parties, legal fees, and lost revenue. The emotional impact on individuals whose personal information is compromised is also significant. In business, trust is everything, and it takes years to rebuild after a breach.

Strong measures against cybersecurity threats are more important now than ever. Australian businesses can’t just rely on government efforts; they also need to take proactive steps to protect their digital assets. This includes using strong passwords, conducting regular security checks, and training staff to recognise phishing scams and other cyber threats.

In addition, the increase in cyber attacks in Australia shows that cybersecurity is not just an IT issue, but a key component of business strategy. Companies need to recognise how important it is to protect their data and systems from the changing methods of cybercriminals. If they don’t, they could face serious problems, including losing customer trust, dealing with legal issues, and, in the worst cases, closing down.

As cyber threats become more complex, organisations must keep adapting their security measures. This means keeping up with the latest trends and threats in cybersecurity, understanding the risks involved, and having a solid incident response plan ready. By creating a culture of cybersecurity awareness among employees, organisations can lower risks and enhance their overall security.

Cybersecurity in Australia

In recent years, Australia’s approach to cybersecurity has changed a lot. As the number of cyber crimes rises, the Australian government has introduced various measures to make the country more secure. Strengthening Australia’s capability to respond to cyber threats is the theme of the National Cyber Security Strategy 2023–2030. It encourages collaboration between the government, industry and the public.

Even with these efforts, challenges remain. Cyber attacks in Australia are becoming more frequent and advanced, with hackers targeting sectors like healthcare, finance, and government. Cyber incidents increased by 20% in the first half of 2024 compared to the previous year, according to reports.

Healthcare, in particular, has been a prime target because of the sensitive data it handles. Healthcare organisations are attractive targets for cybercriminals because breaches can expose personal health information of great value on the dark web. Criminals are also attacking financial institutions, using ransomware and phishing to steal financial data.

It is a warning to all of us—people and organisations—to stay vigilant. Cybersecurity isn’t just the job of the IT department; it’s a job that everyone has to work on together. It’s every employee’s responsibility to keep the digital environment secure.

The Australian Signals Directorate (ASD) plays an important role in coordinating the country’s cybersecurity efforts. It provides guidance and resources to help businesses strengthen their security. Many organisations use the ASD’s Essential Eight framework, which offers eight strategies to reduce cybersecurity risks, as part of their security plans.

But while these initiatives exist, the responsibility for cybersecurity ultimately lies with each organisation. Companies have to take cybersecurity seriously, regularly assess their systems for risks, and put plans in place to minimise them.


5 Popular Cyber Attacks in Australia

Australia has seen a rising number of cyber attacks over the years, impacting businesses, government agencies, and individuals. Here’s a look at five of the most significant cyber attacks in the country’s history.

Canva (2019)

In May 2019, Canva, the well-known graphic design platform, experienced a significant data breach that impacted 137 million users worldwide. This breach is relevant in Australia because Canva is one of the country’s top tech companies. It showed that Australian businesses, especially those with large amounts of user data, are also targets for cyber attacks. 

A hacker, known as “Gnosticplayers,” broke into Canva’s systems. They accessed sensitive user information, including usernames, email addresses, and encrypted passwords. The hacker claimed to have partially accessed OAuth login tokens, which could be used to access other linked accounts. Canva clarified that the tokens had restricted access and were subsequently reset. Some payment data was affected in the breach, although Canva confirmed that no credit card information was leaked. 

Although Canva’s security team discovered the breach while it was happening, the hacker had already taken a large amount of data. Canva quickly told affected users to reset their passwords. It also required password resets for anyone who hadn’t updated their password in the last six months.

It was a wake-up call for many businesses about the risk of storing large amounts of user data. It emphasised the need for stronger security protocols and regular system checks. In response, Canva said it had conducted a full review of its security practices and introduced new measures to protect user data in the future.

A major takeaway from the Canva breach is the importance of having a good incident response plan in place. Organisations should develop and maintain these plans in order to be ready to act if a cyber threat happens. This includes setting up clear communication channels, assigning teams to handle incidents, and establishing steps for notifying affected users.

The Canva incident also demonstrates why it’s important to teach users to use strong, unique passwords on each platform. Multi-factor authentication adds another layer of security so that attackers can’t get in as easily.

Latitude (2023)

The Latitude Financial Services data breach in March 2023 was one of the biggest in Australian history, affecting over 14 million customers. At first, it was believed that only 328,000 people had been affected, but an investigation later found a much larger breach. The sensitive data involved included driver’s license numbers, passport details and financial records. Such data is particularly attractive to cyber criminals and creates a major risk of identity theft. The breach raised questions about Latitude’s data retention policies, as much of the data dated back to 2005.

The Australian government responded by considering tougher regulations for the private sector and calling for improved cybersecurity. Legislators called for more stringent rules on how long data should be held and threatened fines for companies that improperly retain old data or fail to dispose of it securely. The breach also prompted talks about deleting old data to minimise risk.

Latitude responded to the breach by informing affected customers and providing support to help protect their identities. This included credit monitoring services and advice on how to safeguard personal information from potential misuse. Latitude also brought in cybersecurity specialists to carry out a complete check of the company’s systems, and increased its monitoring and encryption to prevent future attacks.

Other organisations can learn from this by regularly reviewing their data retention policies. It’s important to have clear guidelines on what data to keep and for how long, in line with legal and regulatory requirements. Organisations should also secure sensitive information with strong protections and limit access to authorised personnel only.

Optus (2022)

In September 2022, Australia’s second-largest telecommunications provider, Optus, was hit by a cyber attack. The breach exposed the personal data of 9.8 million customers and impacted almost 40% of the population. State-sponsored hackers are said to have carried out the attack. They used an unsecured API endpoint to get access to names, birth dates and government ID numbers. Many customers had their passport and driver’s license numbers compromised in the breach, raising worries about identity theft and fraud.

After the breach, the hackers posted samples of the stolen data online and initially demanded a ransom. This incident revealed serious flaws in Optus’s security and drew widespread criticism of Australia’s cybersecurity approach. In April 2023, Optus faced a class-action lawsuit involving 1.2 million customers, which reinforced the need for companies to make cybersecurity a priority.

Optus’s management publicly recognised the need for better cybersecurity practices and committed to investing in stronger protections. This includes upgrading its monitoring systems and checking security regularly to find and fix vulnerabilities. Optus also promised to improve its incident response capabilities so it can act more quickly in future breaches, and worked with cybersecurity agencies to prevent similar incidents in the industry.

The Optus breach is a lesson for businesses about the need to protect application programming interfaces (APIs). Many companies use APIs to share data, but these can become entry points for attackers if not properly secured. Strict authentication and access controls for APIs are essential to prevent unauthorised access to sensitive information. In response, Optus added extra security layers to its APIs, including stronger encryption and more frequent testing. This approach created a reference point for other telecom companies to enhance the security of their API systems.

Medibank (2022)

In December 2022, Medibank, one of Australia’s largest health insurers, experienced a major data breach that impacted 9.7 million customers. The REvil ransomware group claimed responsibility for the attack and demanded USD 10 million in ransom after some of the stolen data was posted on the dark web. Sensitive medical records and personal information were part of this breach. The compromised data included highly confidential information like medical histories, procedures, and diagnosis codes. This made it one of the most invasive breaches in Australia’s history.

Medibank decided not to pay the ransom, which sparked public discussion about the ethics of negotiating with hackers. The decision received both praise and criticism. Some said paying might have prevented data exposure, while others saw it as a stand against cyber extortion.

After the breach, Medibank advised customers to watch for scams and phishing attempts and stressed the need for continuous account monitoring. The company also introduced better security measures and made a significant investment in its cybersecurity. Affected customers were provided with free identity and credit monitoring services in a bid to reduce identity theft. The company has also partnered with cybersecurity specialists to regularly assess risks and enhance its threat detection capabilities.

This incident showed how important it is for healthcare organisations to focus on cybersecurity. Because they handle sensitive information, healthcare providers must put strong security measures in place to defend against cyber threats. This means encrypting sensitive data, keeping security software updated, and training staff to spot cyber threats.

Medibank’s response also shows that organisations need to keep their customers informed during a crisis. When customers are informed of risks, organisations can retain their trust. It also shows that the organisation takes data protection seriously.

ANU (2018)

In November 2018, the Australian National University (ANU) experienced a sophisticated cyber attack that exposed sensitive personal information for around 200,000 people. The breach went undetected for nearly six months and allowed attackers access to data going back almost 19 years. The compromised data included sensitive information like tax file numbers, bank account details, academic records, and emergency contacts. This level of access raised serious questions about how long educational institutions keep data.

The attackers used a series of spear-phishing campaigns to infiltrate ANU’s systems and showed a high level of skill in their methods. Although there’s no confirmed evidence of misuse, this incident pushed ANU to make significant investments in its cybersecurity.

This attack showed that even educational institutions are at risk from cyber threats and stressed the need for constant security and vigilance. In response, ANU conducted a full review of its security measures and strengthened the protection of its sensitive information.

The ANU breach shows why educational institutions need to promote cybersecurity awareness among students and staff. Regular training on spotting phishing attempts and practising safe online habits can help lower the risk of future breaches. ANU now requires all students and staff to attend mandatory cybersecurity awareness sessions. These sessions focus on spotting phishing attempts and securely handling sensitive information.

Institutions should also implement multi-factor authentication (MFA) for accessing sensitive data and systems. This added layer of security greatly reduces the chances of unauthorised access, even if login details are compromised. After the breach, ANU added MFA to all sensitive systems for extra protection against attackers.

Protect Yourself from Cyber Attacks with Empreus IT Security

As cyber attacks become more frequent, it’s important that businesses and individuals take steps to protect themselves. Here are some important tips to help safeguard your digital information.

  • Use Strong Password Policies

Use complex passwords that are hard to guess, and have employees change them regularly. Password managers can also help by storing unique passwords for each account.

  • Turn on Multi-Factor Authentication (MFA)

Adding a second layer of security reduces the chance of unauthorised access. MFA combines a password with another factor, such as a text message or an authentication app.

  • Regular Security Audits

Conduct routine audits of your IT systems to identify vulnerabilities and ensure that your security measures are current. These audits help you find weak points before attackers discover them.

  • Employee Training

Train staff to spot phishing and other cyber threats since human error is often a weak link in security. Regular training helps employees identify suspicious emails, websites, and other potential dangers.

  • Invest in Cybersecurity Solutions

Working with a trusted IT security provider like Empreus IT Support can help you improve your cybersecurity approach and respond to threats. Experts can also help you understand what you need to do and give you access to more advanced security tools.

  • Data Backup

It’s a good habit to back up critical data regularly and keep it safe. If a ransomware attack occurs, having recent backups will keep the business running and lessen the damage done by lost data.

  • Stay Informed

Keep up with the latest cybersecurity trends and potential threats. Knowing about new risks can help you change your security strategies as needed. To learn more about essential cybersecurity practices, read about the Essential Eight Framework for Cyber Security.

  • Incident Response Plan

Develop a good incident response plan that defines how to approach a cyber attack. This plan should include clear communication channels, assigned teams to manage incidents, and steps for notifying users who may be affected.

Why Choose Empreus IT Support?

At Empreus, we believe that true cybersecurity goes beyond standard practices. It’s about understanding your business inside and out to build a defence that’s as unique as you are. Our team works side-by-side with yours, creating a personalised incident response plan and helping you find and fix vulnerabilities before they become problems. We’re here to make sure your business is secure and resilient, so you can focus on growth with peace of mind. Learn more about how Empreus IT Security can protect your digital assets on our IT security page.

For comprehensive support in managing your cybersecurity needs, visit our IT security page or learn more about Network security solutions.