The Australian government is set to release a new portfolio of rules that order companies to pay hackers for launching cyber-attacks. There is a twist, however: only ethical hackers will be rewarded under the ‘bug bounty’ program, and they will receive a reward for letting companies know about the vulnerabilities in their cyber defenses.

The program will be launched in January next year and was drafted to block state-sponsored cyber attacks on Australian IT infrastructure.

In the past few months, many companies witnessed foreign infiltration of their networks; the most noted among them were the Optus cyber attack and the data breach at insurance company Medibank.

To put a stop to such threats, the Australian Cyber Security Centre (ACSC), which works in coordination with Britain’s NCSC, issued some guidelines to curb foreign cyber threats. The Australian Signals Directorate (ASD) set up a Vulnerability Disclosure Program (VDP) and has announced bug bounties.

ASD will issue the rewards and will have sole authority over making these revelations public.

Many companies in the United States, such as Microsoft, Google, Amazon, Facebook and Twitter, have such bug bounty programs in place, with rewards ranging between $5000 and $200,000.

It all depends on the severity of the vulnerability that has been discovered and whether the hackers accessed any sensitive data.

The Pentagon started this practice of rewarding white-hat hackers in 2011 and then recommended that the then Barack Obama government continue encouraging hackers by announcing financial rewards.

The post Australian companies to pay hackers for launching cyber attacks appeared first on Cybersecurity Insiders.

After the cyber attacks on national telecom operator Optus and insurance company Medibank, the Australian government has hacked the hackers in order to bring them to their knees. Australian Cybersecurity Minister Clare O’Neil will take a decision on the matter, and news is out that the government wants to take serious action against state-funded hackers and so might go ahead with the said plan.

The Australian federal government is extremely concerned about the exposure and theft of sensitive health data and wants to prevent the hackers from misusing it. For this reason, it has begun work to track the criminals and hack their servers to siphon off the information they possess about millions of customers.

The move seems naïve on paper! But it isn’t new, as the United States NSA has conducted such digital acts in the past and has been doing so since 2012. Related evidence can be found in the interview given by NSA whistleblower Edward Snowden, now freely available to listen to on a popular streaming platform owned by Google.

But there is a flip-side to such events. What if the state actor, Russia’s Killnet in this case, retaliates with more sophistication or starts using other tools to create an apocalypse such as a blackout or a nuclear fallout?

For instance, the nuclear attack on Hiroshima in the 1960s proved fatal for almost two decades or so.

This means such hack-back acts can lead to devastating results and can prove fatal to all of mankind.

Instead, a combined move by all nations or at least by developed countries in the West can help to take control of the situation.

Already, information sharing on cyber threats emerging from nations like North Korea, Iran, Russia and China is helping other nations take up proactive security measures to safeguard their critical infrastructure. Nevertheless, there needs to be a fair means of steering pressure onto countries launching cyber attacks, and that’s difficult, especially after the war between Ukraine and Putin started.

The post Australia takes a vow to hack the hackers appeared first on Cybersecurity Insiders.

The Australian government has imposed a ban on ransom payments in cyber attack incidents, as it fears that such payments can encourage crime affecting millions of people at a time.

For the past two months, IT infrastructure owned by government agencies, such as telecom and insurance, has been constantly targeted by state-funded hackers. In ransomware cases, the victim is asked to shell out millions to free up data.

To block such payments, Clare O’Neil, the Australian Home Affairs Minister, issued a public statement through ABC Television on November 13th, 2022, announcing a ban on financial payments made to cybercriminals in any form. This includes cryptocurrency payments sent to e-wallets of criminals or those alleged to be owned by hackers.

The Australian Federal Police (AFP) has formulated a new cyber policing model, and it is being supported by the Australian Signals Directorate, which has the right to penalize any foreign interception of electronic communication owned by public and private entities.

Under the honorable leadership of PM Anthony Albanese, two federal agencies have reportedly appointed a team of security experts comprising 100 officers, whose duty is to track and nab cyber criminals spreading ransomware; the team will coordinate with Interpol and US CISA.

NOTE- Medibank Insurance, which lost the information of 10 million of its customers to a Russian cyber gang, is said to face harsh penalties if it is found to have evaded basic security practices in securing the info of its customers.

The post No more ransom payment in ransomware spread say Australia appeared first on Cybersecurity Insiders.

A ransomware gang has begun to publish data on the dark web stolen from Australia's largest health insurer Medibank. Curiously, the hackers have released details of insured customers, sorted into two files bearing the label "naughty-list" and "good-list." Read more in my article on the Hot for Security blog.

Data of the Victorian populace in Australia appears to have been exposed, as a technology company managing and serving it was infiltrated by hackers on Wednesday last week. PNORS Technology Group is the company that recently witnessed a compromise of its computer network, apparently spilling sensitive details to hackers.

PNORS owns about 5 companies, and information is out that hackers launched a cyber attack on two of them, Netway Networks and Datatime Services, on November 2nd-3rd of this year.

As the latter deals with Digi-document management and the former serves as a management IT services provider, the damage seems to be more than expected.

Paul Gallo, the CEO of PNORS, acknowledged the news as true and assured that the company will reveal more details after a thorough investigation is concluded.

On Sunday last week, criminals leaked some information to prove that they hold sensitive details gained from the hack. The threat actors targeted the Department of Education and Training in Victoria (one among the victims) and are threatening to sell the details of a health questionnaire on the dark web if their demands aren’t met.

NOTE- The questionnaire contains a link to a database where personal information of primary school students, including their drug abuse history, developmental and behavioral issues and their family alcohol details, was recorded along with their demographics.

The Victorian populace data breach comes within weeks of the revelation of the Optus, SingTel and Medibank data breaches.

So, the government seems to have taken serious note of the situation and has launched a national-level formal inquiry with a specialized team of forensic security experts.

The post Data Breach of Victorian Populace in Australia taken seriously appeared first on Cybersecurity Insiders.

After suffering two large, and embarrassing, data breaches in recent weeks, the Australian government increased the fine for serious data breaches from $2.2 million to a minimum of $50 million. (That’s $50 million AUD, or $32 million USD.)

This is a welcome change. The problem is one of incentives, and Australia has now increased the incentive for companies to secure the personal data of their users and customers.

After the Optus, Medibank and SingTel data breaches, the government of Australia seems to have taken information leaks seriously, as it is soon going to introduce a proposal that aims to increase the penalties on companies that experience data breaches from now on. As companies are failing to take security measures to protect their users' information, the federal government is planning to hike the fines imposed on businesses experiencing data leaks.

According to a report that emerged on Friday last week, Energy Australia fell prey to a sophisticated cyber attack, resulting in an information leak affecting over 323 residential and small business users; official estimates are that no misuse of that data has been observed to date.

To eliminate such incidents in the future, the Anthony Albanese-led government is looking to increase the minimum penalty to $10 million for all firms that experience cyber-attacks.

Currently, the maximum penalty for critical and repetitive data leaks is AUD $2.12 million and is now going to be increased to AUD $50m, 3 times more than what is being levied presently.

In the coming weeks, i.e., by the end of November this year, the Australian government is also planning to overhaul the current rules related to consumer data privacy and will focus first on companies in the transit, telecom and banking sectors.

NOTE- Australian Cyber Army, a special force appointed to mitigate threats to national infrastructure, suspects that the attacks currently being launched are by Killnet, the Russian government-funded hacking group. It believes that the Albanese-led government will have to face more such digital wrath in the future, as it is supporting Ukraine against the Kremlin in the ongoing battle by supplying funds, ammunition and much-needed essentials.

The post Australia looking to hike penalties on companies experiencing data breaches appeared first on Cybersecurity Insiders.

Optus, aka Singtel Optus PVT Limited, has apparently suffered a cyber attack resulting in the leak of customers' personal information, including names, dates of birth, phone details, and email addresses. Unconfirmed sources say that the attack is deeper than what is being reported, as some customers even had their passport and driving license details leaked to the hackers.

The Australian telecommunication firm is currently silent on the issue and has assured that it will release a press statement after a preliminary inquiry into the attack is completed.

The Australian Federal Police and the Australian Cyber Security Centre are working closely to find those behind the incident and suspect a foreign nation’s involvement.

Currently, there is no info on the stolen data being misused on the internet or anywhere else, and news is out that passwords and payment card details weren’t compromised or accessed in the attack by the threat actors.

For the past few months, Australia has been experiencing cyber attacks on its national infrastructure, and the nation has blamed Russia for the digital assaults. It suspects the Kremlin is behind the attacks, as the ex-Prime Minister felt that Australian support for Ukraine is pinching Moscow to an extent where it started retaliating with cyber war.

Coming to the war between Russia and Ukraine, it seems the former has lost its patience entirely and is interested in taking down its foe with nuclear warfare. It has also issued a warning to the West that its support for the Zelenskyy-led nation would cost it severely and would cause the loss of innocent lives.

The post Optus Australia suffers serious data breach after Cyber Attack appeared first on Cybersecurity Insiders.

A newly detected hacking group named Aoquin Dragon from China has been found infiltrating servers in Southeast Asia and Australia. What’s interesting is that this Advanced Persistent Threat (APT) group has been carrying out cyber attacks since 2013 and has reportedly gathered tonnes of classical evidence that can be used against the nation in the near future.

Cybersecurity researchers from Sentinel Labs have discovered the digital activities of the Aoquin Dragon group and have confirmed that the primary focus of the APT was to conduct espionage on government operations happening across Cambodia, Hong Kong, Singapore, Vietnam, and the Anthony Albanese-led nation.

The infection method used by this threat actor group is simple: sending emails laced with malicious links in the name of decoy documents and then infecting users. The documents can pertain to information shared regarding political parties, some kind of COVID-related content, or some sensitive personal details of female politicians.

The modus operandi of such cyber-criminal gangs is simple: lure users and trick them into opening weaponized documents. As soon as they open the document, a backdoor is installed on their system and then the network, and information is relayed to remote servers.

The reason for targeting only Australian users is still unknown. But security analysts from Sentinel Labs express the view that Chinese intelligence has assigned various duties of spying on foreign governments to different threat actors, and Aoquin Dragon might be one whose sole purpose is to spy on the Australian government.

Countries like China, Russia, and the United States have spied on foreign nations since 2012. The National Security Agency of North America had the whistle blown on it by Edward Snowden in 2013, when he revealed to the world that American governments under the leadership of Barack Obama had been spying on adversary nations since 2009.

China too might have spied on its neighboring countries since the revelation of political and economic motives, and so might have strategically assigned duties to hacking groups to gather intelligence about governments operating in Australia.

The post Aoquin Dragon from China hacking Australian Government Servers appeared first on Cybersecurity Insiders.