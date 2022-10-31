It has been reported that the Australian Department of Defence fears the personal data of personnel, such as dates of birth, may have been compromised after a communications platform used by the military was hit by a ransomware attack.
Another week, another breach. It seems like things are going from bad to worse down under.
It is not clear how this latest incident occurred, but it raises further alarm bells at a time when the world’s eyes are already on the security of Australia.
The bad news is things are only likely to continue until organisations take back control over their digital network access.
In almost all security breaches, hackers don’t hack in, they log in. They steal credentials without any obstacles because employees make and control the digital keys (passwords), to access an organisation’s network.
As long as these organisations continue to let their employees create their own keys to access their digital building and open all doors at the same time, there will be no respite. Attackers have consistently used employees’ credentials to log into systems, move inside the network and launch ransomware attacks. And this technique won’t change until organisations decide to control their access keys and improve their resilience.
The reality is this can easily be done through access encryption and segmentation, where employees use encrypted credentials without the need to see, make or know any of them. This would stop exposing organisations to human errors and effectively prevent network doors being breached.