Australian Government to Announce New Cybersecurity Protections Following Optus Data Breach
The Australian government will introduce new measures to strengthen the country’s cybersecurity following a massive cyberattack on phone and internet provider Optus.
The data breach, which Prime Minister Anthony Albanese described as a “huge wake-up call,” exposed the personal information of up to 9.8 million Australians, including details such as driver’s licence and passport numbers.
Cyber Security Minister Clare O’Neil is expected to announce the new cybersecurity measures after she said that the way companies protected customer data needed to be changed.
The prime minister said the new protections would allow banks and other institutions to be informed much faster when a cyberattack occurred to prevent personal data from being used.
“This is a huge wake-up call for the corporate sector in terms of protecting the data,” he told Brisbane radio 4BC.
“We know in today’s world there are actors–some state actors but also some criminal organisations–who want access to people’s data.”
New Bill to Target Cybercriminals
Meanwhile, in an effort to crack down on cybercriminals, opposition home affairs spokeswoman Karen Andrews has tabled a bill to the federal parliament, which includes a new standalone offence for cyber extortion and harsher penalties.
Specifically, the bill raises the jail term for cybercriminals who use ransomware to 10 years, while those targeting Australia’s critical infrastructure could face a maximum of 25 years.
“It’s designed to disrupt and deter cybercriminals who engage in ransomware and cyber extortion activities targeting Australians and Australian businesses,” Andrews told parliament.
“It hits the cybercriminals where it hurts the most, and that’s in their hip pocket. These are all sensible measures that will create a greater deterrence and therefore reduce the incidence of ransomware attacks.”
In addition, the Opposition said the government had not dealt with cybersecurity properly.
Liberal MP James Paterson criticised O’Neil’s response to the news of the attack and said that Optus needed to give its customers a full explanation and a genuine apology.
“It’s appropriate that when there’s an investigation going on that they follow the Australian Federal Police’s advice, but that should not be used as an excuse not to be completely upfront with the public about how this happened and who’s responsible for it when those facts are known,” he said.
Andrews also criticised the government for making changes to national cyber security strategies.
“Why would you say you’re getting rid of something when you don’t know what you’re going to replace it with?” she said.
“Cyber criminals are coming up with new ways every day to use malware and, specifically, ransomware to do us real and long-lasting harm.”