Repeat hacks highlight Australia's cyber flaws / Photo: Muhammad FAROOQ - AFP
-
Lenny Wilkens, Basketball Hall of Famer as player and coach, dies
-
Griffin wins PGA Mexico title for third victory of the year
-
NFL makes successful return to Berlin, 35 years on
-
Lewandowski hat-trick helps Barca punish Real Madrid slip
-
George warns England against being overawed by the All Blacks
-
Lewandowski treble helps Barca beat Celta, cut gap on Real Madrid
-
Neves late show sends PSG top of Ligue 1, Strasbourg down Lille
-
Inter go top of Serie A after Napoli slip-up
-
Bezos's Blue Origin postpones rocket launch over weather
-
Hamilton upbeat despite 'nightmare' at Ferrari
-
Taylor sparks Colts to Berlin win, Pats win streak hits seven
-
Alcaraz and Zverev make winning starts at ATP Finals
-
Protests suspend opening of Nigeria heritage museum
-
Undav brace sends Stuttgart fourth, Frankfurt win late in Bundesliga
-
Roma capitalise on Napoli slip-up to claim Serie A lead
-
Liverpool up for the fight despite Man City masterclass, says Van Dijk
-
Two MLB pitchers indicted on manipulating bets on pitches
-
Wales rugby captain Morgan set to be sidelined by shoulder injury
-
After storming Sao Paulo podium, 'proud' Verstappen aims to keep fighting
-
US flights could 'slow to a trickle' as shutdown bites: transport secretary
-
Celtic close on stumbling Scottish leaders Hearts
-
BBC chief resigns after row over Trump documentary
-
Norris extends title lead in Sao Paulo, Verstappen third from pit-lane
-
Norris wins in Sao Paulo to extend title lead over Piastri
-
Man City rout Liverpool to mark Guardiola milestone, Forest boost survival bid
-
Man City crush Liverpool to mark Guardiola's 1,000 match
-
Emegha fires Strasbourg past Lille in Ligue 1
-
Howe takes blame for Newcastle's travel sickness
-
Pumas maul Wales as Tandy's first game in charge ends in defeat
-
'Predator: Badlands' conquers N. American box office
-
Liga leaders Real Madrid drop points in Rayo draw
-
'Killed on sight': Sudanese fleeing El-Fasher recall ethnic attacks
-
Forest boost survival bid, Man City set for crucial Liverpool clash
-
US air travel could 'slow to a trickle' as shutdown bites: transport secretary
-
Alcaraz makes winning start to ATP Finals
-
'I miss breathing': Delhi protesters demand action on pollution
-
Just-married Rai edges Fleetwood in Abu Dhabi playoff
-
All aboard! Cruise ships ease Belem's hotel dearth
-
Kolo Muani drops out of France squad with broken jaw
-
Israel receives remains believed to be officer killed in 2014 Gaza war
-
Dominant Bezzecchi wins Portuguese MotoGP
-
Super Typhoon Fung-wong makes landfall in Philippines
-
Rai edges Fleetwood in Abu Dhabi playoff
-
Scotland sweat on Russell fitness ahead of Argentina clash
-
Faker's T1 win third back-to-back League of Legends world crown
-
Former world champion Tanak calls time on rally career
-
Ukraine scrambles for energy after Russian attacks
-
Over 1 million evacuate as deadly Super Typhoon Fung-wong nears Philippines
-
Erasmus' ingenuity sets South Africa apart from the rest
-
Asaji becomes first Japanese in 49 years to win Singapore Open
NYSE - LSE
Repeat hacks highlight Australia's cyber flaws
Inadequate privacy safeguards and the stockpiling of sensitive customer information have made Australia a lucrative target in the eyes of foreign hackers, cybersecurity experts told AFP following a series of major data breaches.
Medibank, Australia's largest private health insurer, recently confirmed that hackers had accessed the data of 9.7 million current and former customers, including medical records related to drug abuse and pregnancy terminations.
Telecom company Optus fell prey to a data breach of similar scale in late September, during which the personal details of up to 9.8 million people were accessed.
Both incidents sit comfortably among the largest data breaches in Australian history.
Australian National University cybersecurity expert Thomas Haines said many companies had been hoarding personal data that they should not have been hanging on to.
"There was a famous line for a while: Data is the new oil," he told AFP.
"If data is the new oil, then we're living the era of the weekly oil spill."
Haines contrasted Australia's approach with that of the European Union, which in 2018 adopted sweeping privacy reforms limiting how organisations collect, use and store personal data.
"There have got to be incentives in place to stop companies hoarding data they don't need, or to penalise those companies for big leaks. Europe has done this," he said.
"At the moment the business incentives are basically along the lines of: Let's just keep a whole bunch of data."
Haines said Medibank appeared to be an exception, in that most of the sensitive information within its databases had been stored for good reason.
- Hacking 'for profit' -
Australia's comparatively weak safeguards against identity theft meant it was also easier to exploit stolen personal information, Haines said.
"All they need to know is your passport, your driver's licence and some other things -- and then I can start taking out loans in your name."
Haines said European countries such as Norway had much more stringent requirements involving face-to-face contact.
Dennis Desmond, a former FBI agent and US Defense Intelligence Agency officer, said most hackers were searching for particular types of data.
"For-profit hackers are going after healthcare data, they're going after identity data and credentials to access systems," he told AFP.
"There is a profit motivation there, otherwise they wouldn't be risking jail and prosecution."
The Medibank hackers this week started leaking stolen data to a dark web forum, after the company refused to pay a US$9.7 million (Aus$15 million) ransom.
The Optus breach led to the theft of customers' names, birth dates, and passport numbers.
- Russia blamed -
Australian Federal Police Commissioner Reece Kershaw on Friday blamed the Medibank cyberattack on a team of hackers based in Russia.
"We believe those responsible for the breach are in Russia," he told reporters.
"Our intelligence points to a group of loosely affiliated cyber criminals who are likely responsible for past significant breaches in countries across the world."
Medibank data leaked to the dark web so far has included hundreds of potentially-compromising medical records related to drug addiction, alcohol abuse and sexually-transmitted infections.
Home Affairs Minister Clare O'Neil conceded on Friday the country's cyber defences had not always been up to scratch.
University of Sydney data researcher Jane Andrew said one major flaw was that Australian companies were not always obliged to report data breaches.
"There are heaps of data breaches happening all the time that we don't hear anything about," she told AFP.
"Companies have been gathering data because it's seen to be valuable, without fully understanding the potential risks."
H.E.Young--AMWN
