What’s happening in Australian cyber news?
This month, there have been a number of key issues that businesses across the board should be aware of. These include news of risks to Australia’s electricity infrastructure, a data breach that compromised airport security and a new cyber security centre opening up to help protect Perth’s resource sector.
Industry Panel Reveals Risks to Australian Infrastructure
On the 24th of July, a panel of industry experts gathered in Sydney to discuss cyber threats and how to manage them. One of the key takeaways was that the increasing complexity of the electrical grid, alongside the emergence of the Internet of Things (IoT) has led to significant infrastructure vulnerabilities.
One of the panel members, CQR Consulting chief technology officer, Phil Kernick stated that “… security in this area is not being done well right now.” Unsecure connections to rooftop solar systems, as well as the rise of smart meters pose new challenges, with electricity companies lagging behind in the technical mechanisms to make them secure.
These issues pose significant risks to Australian businesses and individuals, because cyber attacks on infrastructure could lead to widespread disruptions and outages.
Federal Government Launches Joint Cyber Security Centre in Perth
In more positive news, a cyber security centre has been launched in Perth to help protect Australian resource companies. The $47 million Joint Cyber Security Centre (JCSC) will be a hub where government and business can share information to improve security practices and foster a more secure environment.
The JCSC program aims to partner academia, business and government in order to boost collaboration when it comes to information security. The Perth Centre was funded as part of The Government’s 2016 Cyber Security Strategy, which shows some level of commitment to securing the country against the increasing array of cyber threats. The Perth resource economy is critical in supporting the nation, and an attack on a major company could send ripples through the nation.
Data Breach at an Aviation Security Company
There was a major breach at Aviation ID Australia, a company which issues Aviation Security Identity Cards (ASICs). The Australian Federal Police are investigating the attack, while authorities have also beefed up airport cyber security.
The attack may have resulted in the theft of personal details of those who were applying for security clearance. At this stage, few details have been officially released.
The attack came to light due to the recent Notifiable Data Breaches amendment, which was passed in February and requires organisations whose data has been breached to notify those who were affected. Aviation ID Australia sent emails out to the victims in order to comply with the requirement. Despite this, those who have been affected are unaware of the extent of the breach, because the amendment only requires notification of the breach and not the details, nor that it be made public.
According to information acquired by Business Insider, Aviation ID Australia had a “localised portion” of their website accessed without authorisation. Names, addresses, birth certificate numbers, Medicare numbers, licence numbers, ASIC numbers and more may have been stolen.
It is an ongoing investigation and the AFP haven’t released further details. In response to the attack, the Department of Home Affairs said that despite the breach, security features would not allow anyone to fraudulently create ASIC cards.
This is another dire warning about the importance of cyber security–if a company charged with securing our airports can be breached, just imagine how many others can. Contact Gridware if you don’t want your business to suffer the same fate.
