Security News

Australia's government has used the "Significant cyber incidents" sanctions regime it introduced in 2021 for the first time, against a Russian named Aleksandr Gennadievich Ermakov whom authorities have deemed responsible for the 2022 attack on health insurer Medibank Private. On Tuesday the government went a step further, naming Aleksandr Ermakov as linked to the incident, adding that Australia's Federal Police and sigint agency the Australian Signals Directorate "Continue to pursue other leads."

IT pros in Australia should be looking forward to a big year in 2024, as ongoing transformation continues to redefine their roles within their companies. Coupled with an ongoing skills shortage, those pros who spend the effort to develop their skillsets according to current trends will do well, regardless of the broader economic conditions.

The Australian government announced the 2023-2030 Australian Cyber Security Strategy, which aims to "Help realise the Australian Government's vision of becoming a world leader in cyber security." Overall, the strategy is designed to bring the public and private sectors together in delivering a cohesive vision. More Australia coverage Lack of bipartisan agreement means a lack of clear cyber security strategy.

Cybercrime actor DragonForce which claimed responsibility for the attack has also leaked 95 GB of data that it states, belongs to the company. In a statement to BleepingComputer, Yakult Australia confirmed it was investigating a cyber incident that occurred in mid-December.

Today, the Akira ransomware gang claimed that it breached the network of Nissan Australia, the Australian division of Japanese car maker Nissan.The attackers have threatened to leak sensitive business and client data online, as ransom negotiations with Nissan failed after the company either refused to engage or pay the ransom.

Third-party supply chain risk is a key concern from Australian cyber security professionals. ASIC reveals third-party supply chain risk as key gap in Australia.

The year 2023 was a big year for cyber security professionals in Australia. Experts from Rapid7 have argued that Australia can expect both advantages and risks from AI cyber tools in 2024.

Australia is about to get a national online ID system - the Digital ID - which promises to improve the security and privacy of data online. The Digital ID is the cumulation of a five-year, AUD $200 million investment as an effort to alleviate security concerns over the amount of data Australians give to companies to prove who they are online.

Australia is building a top-secret cloud to host intelligence data and share it with the US and UK, which have their own clouds built for the same purpose. The three clouds were discussed on Monday by Andrew Shearer, Australia's director-general of national intelligence, at an event hosted by the Center for Strategic & International Studies in Washington, DC. "We are working very hard on a top-secret cloud initiative," Shearer told the event, adding that it will interoperate with similar infrastructure already operated by the US and UK, and mean sensitive data can be shared "Near instantaneously."

Asia in brief Australia's National Cyber Security Coordinator has described an attack on logistics company DP World as a "Nationally significant cyber incident."Cloud Software Group, parent company of Citrix, has become the latest tech player to exit China.