Australia’s securities regulator said on Monday there was a cybersecurity breach at a server it used to transfer files including credit license applications where some information may have been viewed. The Australian Securities and Investment Commission (ASIC) acknowledged the incident and investigation is still going on. It is believed that only limited information is seen by the threat actor.
<p>Government breaches are likely to occur more than you might think, as their infrastructure is often outdated. Funding can be difficult to come by and sometimes decision-makers wrongly assess the level of risk. However, although governments may seem like an easy target to certain threat actors, the rewards for a breach are usually not as lucrative as with private organisations. Governments are not so easily swayed into paying big demands to criminals due to their lack of funds, not to mention the public audience. Such financial demands are also even more difficult to sign off, so the motivation behind government attacks are often linked to other factors and political motives.</p> <p> </p> <p>The key for government organisations to thwart such attacks is to keep abreast of the latest attack vectors and continually train staff to be aware of threats. No one piece of software can completely put a stop to the attacks, but such risk of an attack should never be undermined by those making the decisions.</p>
<p>The breach is a good reminder that all organisations need to have good monitoring and threat detection controls in place so that any intrusion can be quickly detected and responded to. </p> <p> </p> <p>Having strong security controls is not optional for any organisation, regardless of size, vertical, or type of data. If any system is accessible, it will be targeted. Therefore, it\’s important that cybersecurity is embedded within the culture of an organisation through all systems, processes, and employees.</p>
<p>The Discovery of the breach at Australia\’s Securities and Investment Commission (ASIC) is a reminder that there is no such thing as anyone being above an attack. All eyes are now on ASIC for how it handles the situation, what happened and what learnings there are for us all. Details matter. Transparency matters. Process, clarity, and putting those at risk first matter the most. It’s not a fun day for some down under, but they need to remember that their first job is to enable those affected to protect themselves and to maintain public trust.</p>
<p>This breach highlights the importance of having an appropriate access control mechanism in place for all data and associated data files. An appropriate access control mechanism should protect data and data files from unauthorised access and ensure authorised access is specific to the individual’s role based on the least privileged model. Moreover, all actions to the data files should be accounted for with monitoring and alerting applied to high-risk action execution.</p>