Playing ‘catch-up’ on scams
INTERNET service providers will be forced to block nefarious online threats from Russian and Chinese cyber criminals before their scams hit our shores under a plan being considered by the federal government.
And Australian companies could be banned from paying ransoms to hackers, with fears such payments are promoting the country as a “lucrative target” to cyber criminals.
As well as increasing fines for companies that suffer data breaches, the government is also looking into setting minimum cyber security standards for critical infrastructure used by telcos, health providers or the nation’s own government departments.
Home Affairs and Cyber Security Minister Clare O’Neil said the Medibank/Optus data hack crises had shown Australia was “playing catch-up”.
The federal cyber security strategy 2020-23 is being overhauled to be “more ambitious” in outlook in tackling one of the great threats of our time.
Ms O’Neil said Russian crime gangs were designing software packages that were onsold to other criminal networks allowing them to hack into data bases.
It is believed hundreds of millions, “if not billions”, of attempted hacks are carried out on Australian companies each month.
Investigations into the Medibank data leak – which has impacted all 3.9 million of the health insurer’s members – have established a criminal stole the log-in credentials of a senior staff member and sold them to a hacker on an online Russian-language forum.
Ms O’Neil said one issue being looked at was a “clean pipes” program where ISPs were mandated to offer customers security as a default, automatically blocking malicious websites and malware.