Cyber criminals, state actors increasingly targeting health sector
Cyber security experts say criminal gangs and state actors are targeting the healthcare sector at an ‘accelerating’ rate because of high ransom and research theft possibilities.
Cyber security experts have warned the rate at which criminal gangs and state actors are targeting the health care sector is “accelerating” because of the ability to cause significant damage – which increases the likelihood of being paid a ransom – or to steal cutting-edge research, a report has found.
Leading cyber security body CyberCX has found that while health care companies had previously ranked cyber threats low on their list of concerns, with only 40 per cent of health insurers listing it as a material risk in their annual reports, the nation is now in the midst of a “national data reckoning” following high-profile data leaks at Optus and Medibank.
The report found that health care was one of the “most targeted sectors” because it hit a “sweet spot” of providing essential services and holding a high volume of sensitive data, which criminals know “hurts and causes damage” when released.
CyberCX cyber intelligence and public policy director Katherine Mansted said that by “zooming out” on the cyber security incidents that had occurred in recent years, the report had uncovered shifts in the goals of cyber criminals and state actors.
“What is interesting is how the targeting has evolved over the last couple of years; at the height of the pandemic, one of the biggest concerns was nation state espionage, because countries were looking at how other countries were responding to Covid and they were also engaging in vaccine espionage,” Ms Mansted said.
“That particular threat has waned as the threat has moved on and the threat has evolved as well.
“In the criminal sphere, we saw that criminals used to focus on ransomware disrupting operations to force health care operations to pay up.
“Now we see a marked shift towards data theft-extortion, recognising that the health care system is vulnerable, not just because it runs essential services, but because it holds such important and sensitive information.”
Ms Mansted said foreign state actors from countries including China, North Korea, Iran and Russia were increasingly targeting health because it was an area that was “rich in intellectual property and research and development”, but also allowed governments to track dissidents and diasporas.
“Nation state tradecraft has evolved so as they’ve become less interested in Covid-related information, there is a continuing interest in personal information; particularly health care is one of the most important touch points for anyone in the community,” she said. “Which unfortunately means it’s a watering hole for foreign governments who are looking to track or understand people.
“So we’ve seen warnings from our government about espionage that targets health care and other community organisations trying to get the sensitive information of dissidents and diaspora groups as well as high-profile political figures and other figures of influence.”
Ms Mansted said China, in particular, remained focused on furthering its national interest through cybercrime to support the superpower’s goals around “next-generation science and technology such as neuroscience, genetics, biotech”.
Russia and eastern Europe remained a safe haven for cyber-criminals, with these governments often giving these groups “carte blanche to operate” as long as they did not attack their host country, the report found.
Ms Mansted said a worrying trend identified in the report was for criminal groups to share stolen data on the open web rather than the dark web, sometimes installing a search function so the information could be found more easily.
The report highlighted the role of human error in data breaches, which accounted for 33 per cent of notifiable breaches, and found health was the third most targeted sector, with almost 9 per cent of data theft extortion attacks affecting Australia and NZ.