Experts On Australia’s Securities Regulator Says Server Hit By Cybersecurity Breach

Australia’s securities regulator said on Monday there was a cybersecurity breach at a server it used to transfer files including credit license applications where some information may have been viewed. The Australian Securities and Investment Commission (ASIC) acknowledged the incident and investigation is still going on. It is believed that only limited information is seen by the threat actor.

Experts Comments

January 26, 2021
Jake Moore
Cybersecurity Specialist
ESET

Government breaches are likely to occur more than you might think, as their infrastructure is often outdated. Funding can be difficult to come by and sometimes decision-makers wrongly assess the level of risk. However, although governments may seem like an easy target to certain threat actors, the rewards for a breach are usually not as lucrative as with private organisations. Governments are not so easily swayed into paying big demands to criminals due to their lack of funds, not to mention

.....Read More

Government breaches are likely to occur more than you might think, as their infrastructure is often outdated. Funding can be difficult to come by and sometimes decision-makers wrongly assess the level of risk. However, although governments may seem like an easy target to certain threat actors, the rewards for a breach are usually not as lucrative as with private organisations. Governments are not so easily swayed into paying big demands to criminals due to their lack of funds, not to mention the public audience. Such financial demands are also even more difficult to sign off, so the motivation behind government attacks are often linked to other factors and political motives.

 

The key for government organisations to thwart such attacks is to keep abreast of the latest attack vectors and continually train staff to be aware of threats. No one piece of software can completely put a stop to the attacks, but such risk of an attack should never be undermined by those making the decisions.

  Read Less
January 26, 2021
Javvad Malik
Security Awareness Advocate
KnowBe4

The breach is a good reminder that all organisations need to have good monitoring and threat detection controls in place so that any intrusion can be quickly detected and responded to. 

 

Having strong security controls is not optional for any organisation, regardless of size, vertical, or type of data. If any system is accessible, it will be targeted. Therefore, it's important that cybersecurity is embedded within the culture of an organisation through all systems, processes, and employees.

.....Read More

The breach is a good reminder that all organisations need to have good monitoring and threat detection controls in place so that any intrusion can be quickly detected and responded to. 

 

Having strong security controls is not optional for any organisation, regardless of size, vertical, or type of data. If any system is accessible, it will be targeted. Therefore, it's important that cybersecurity is embedded within the culture of an organisation through all systems, processes, and employees.

  Read Less
January 26, 2021
Sam Curry
Chief Security Officer
Cybereason

The Discovery of the breach at Australia's Securities and Investment Commission (ASIC) is a reminder that there is no such thing as anyone being above an attack. All eyes are now on ASIC for how it handles the situation, what happened and what learnings there are for us all. Details matter. Transparency matters. Process, clarity, and putting those at risk first matter the most. It’s not a fun day for some down under, but they need to remember that their first job is to enable those affected

.....Read More

The Discovery of the breach at Australia's Securities and Investment Commission (ASIC) is a reminder that there is no such thing as anyone being above an attack. All eyes are now on ASIC for how it handles the situation, what happened and what learnings there are for us all. Details matter. Transparency matters. Process, clarity, and putting those at risk first matter the most. It’s not a fun day for some down under, but they need to remember that their first job is to enable those affected to protect themselves and to maintain public trust.

  Read Less
January 26, 2021
Niamh Muldoon
Senior Director of Trust and Security EMEA
OneLogin

This breach highlights the importance of having an appropriate access control mechanism in place for all data and associated data files. An appropriate access control mechanism should protect data and data files from unauthorised access and ensure authorised access is specific to the individual’s role based on the least privileged model. Moreover, all actions to the data files should be accounted for with monitoring and alerting applied to high-risk action execution.

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.