Firms called up for cyber war games
Energy companies, banks, health providers and other critical infrastructure providers will be required to take part in new national cyber exercises.
Energy companies, banks, health providers and other critical infrastructure providers will be required to take part in new national cyber exercises to hone their responses to real-life security breaches.
Home Affairs Minister Clare O’Neil said entities covered by the Security of Critical Infrastructure Act would “systematically and frequently” participate in exercises under the leadership of the soon-to-be-announced cyber security co-ordinator.
In the wake of massive data breaches at Optus, Medibank and Latitude Financial, Ms O’Neil told the Australian Strategic Policy Institute’s Sydney Dialogue that the nation’s key systems operators needed to prepare to deal with major cyber attacks.
“This exercise series will build muscle memory in how to deal with a cyber attack – and, importantly, cover the types of incidents we have not yet experienced on a national scale, such as a lockup of critical infrastructure or integrity attacks on critical data,” she said.
“Critically, it will look at how to work with governments, including dealing with the consequences of a crisis that will not impact just one company but potentially millions of Australians.
“I have no doubt we will discover some areas where we need to train harder on incident response, ensuring plans don’t just sit on the shelf, or finding where vulnerabilities exist.”
She said while past cyber exercises had been undertaken, “we need to move faster and in a more integrated way”.
Ms O’Neil, who is working on a new national cyber strategy, said the “apex predators” of the hacking world worked on behalf of state-based actors to “infiltrate and infest critical infrastructure systems or attempt to take them over in order to exert leverage”.
She said however, that financially motivated cyber actors and extortionists were “public enemy No. 1”.
“These groups subvert legitimate business models for financial gain, creating online portals for ‘hacking as a service’ where anyone can purchase the tools and support necessary to conduct a cyber incident or data, especially in the form of a ransomware attack,” Ms O’Neil said.
“Some of the groups posing the greatest threat operate with the sanction and wilful blindness of nation states in which they physically work and operate.”
She said the majority of cyber security breaches could be traced to human error – such as the theft of credentials or accidental clicks on infected emails. But as technology advanced, threats would become harder to defend.
US ‘on track’ to sell Virginia-class subs to Australia
US Congressman and leading AUKUS supporter Joe Courtney, has played down the prospect of the US backtracking from its commitment to sell Australia nuclear-powered submarines.
‘Speak as many, not as one’: Indigenous leaders distance themselves from Thorpe’s tirade
Indigenous community leaders say Senator Lidia Thorpe’s outburst in Parliament House was done 'her way' but that Aboriginals had a 'right to be negotiated with', as they discussed meeting King Charles.