This was published 1 year ago
As hackers pivot to Asia Pacific, Australia urged to up defences
Boston, Massachusetts: Cyberattackers are increasingly targeting the Asia-Pacific region to expand their crimes, prompting calls for Australia to do more to safeguard critical infrastructure and businesses from costly extortion.
IBM security chiefs have warned that hackers, who have traditionally focused on North America, have pivoted towards Asia over the past two years, resulting in the average cost of data breaches soaring to record highs as they target supply chains, limit access to key services and increase the cost of goods.
According to IBM’s latest figures, the average cost of each cyber breach globally hit a record $US4.35 million ($6.2 million) in 2022, up 2.6 per cent from the year. The average cost of a data breach in Australia reached to $US2.9 million over the same period, up 3.4 per cent, making it the 11th most costly country in the world for a cyberattack.
According to the tech giant’s data, last year Asia Pacific also became the most targeted region for the first time since records have been kept, with Australia, Japan and India the hardest hit.
The rise in sophisticated cyberattacks across the region have prompted the company to call for governments to do more to protect businesses and consumers.
“Government needs to ensure that critical infrastructure supply chains build resiliency to respond and recover in case of a cyberattack,” said Chris Hockings, the chief technology officer for IBM Security’s Asia Pacific region.
“They must also define strong, implementable, cross-industry cybersecurity standards... and be an active participant in meeting these standards themselves.”
The warning comes after a series of high-profile cyberattacks, such as the one against telecommunications giant Optus, which resulted in about 10 million customers – or around 40 per cent of the population – having their personal data stolen last September. Medibank also suffered a massive data breach last year, resulting in its value falling by $1.6 billion in just a single week.
Charles Henderson, the global managing partner and head of IBM X-Force, a threat intelligence sharing platform, warned that attackers were becoming more sophisticated, and were increasingly using extortion (such as ransomware to threaten to disable business operations or leak confidential data); backdoors (such as viruses to get unauthorised network access); and email hijacking (by compromising a person’s email account to target others).
He said such attacks also contributed to higher costs to businesses and consumers – 60 per cent of companies that experienced a data breach raised their prices as a result.
Asked if governments should do more, Henderson pointed to the US government’s Cybersecurity and Infrastructure Security Agency (CISA), which shares information with the private sector as well as state and local government to safeguard against attacks.
“We’re not going to legislate our way into ‘secure’ – this takes a public-private partnership and a commitment to long-term security,” Henderson said during a tour of the IBM X-Force centre in Boston on Tuesday.
“That said, I think that government(s) can look to some of the successes that we’ve seen in the US ... governments can use the carrot rather than the stick to inform threat intelligence across business, as well as improve the security posture of companies”.
The author travelled to IBM X-Force Command Centre courtesy of IBM