Data breaches now pose a huge threat to Australian businesses, with the potential to cause "irreversible brand damage."
According to a cybersecurity expert at Fortinet, a global leader in cybersecurity has highlighted increasing concerns about cybercriminals targeting the nation's critical infrastructure.
Critical Sectors at Risk
Australia's federal government has identified 11 critical sectors under the Security of Critical Infrastructure Act, which was amended in 2018 to introduce stricter regulations. These sectors include communications, data storage, financial services, water and sewerage, energy, health and medical care, higher education and research, food and groceries, transport, space technology, and defense.
Under the amended regulations, businesses in these sectors must complete annual reporting to notify the federal government of any attempts to access their networks.
Read also: Unnamed Australian Healthcare Provider Hacked: National Cyber Security Coordinator Confirms
Rising Cybersecurity Incidents
Fortinet's Head of Operational Technology and Critical Infrastructure, Michael Murphy, recently spoke on Sky News Business Weekend, revealing the extent of cyber threats.
During the 2022-2023 financial year, there were 188 reported cybersecurity incidents across critical sectors, emphasizing the ongoing risks to national networks like water and energy supplies.
The Australian Bureau of Statistics reported that 34 percent of businesses experienced resource losses in managing cybersecurity attacks in the 2021-2022 financial year. Additionally, 22 percent of Australian businesses faced a cybersecurity attack during that period, more than double the previous year's figure.
What's worse, even small businesses are now vulnerable to any form of cybercrime.
The Impact of Cyber Attacks
Murphy pointed out that among entities with mandatory reporting, 188 incidents were reported. Moreover, entities outside of critical infrastructure also reported 142 incidents, underscoring the widespread nature of the threat.
Cybersecurity expert Murphy explained that hackers are motivated by various factors beyond financial gain, including the desire for control. He highlighted the severe consequences of cyber attacks, where hackers can disrupt systems and cause significant downtime, leading to revenue loss and irreversible brand damage.
Challenges in Critical Infrastructure
Murphy noted that critical infrastructure sectors face unique challenges compared to the IT enterprise. In many cases, the luxury of quickly restoring systems is not available, and recovery can take a considerable amount of time. This extended downtime not only affects revenue but also damages the reputation and trustworthiness of the affected organizations.
"What we've observed is in many incidents there are motivators at play, historically it's been based on financial profiteering. We've seen an increase in socio and political influence and more importantly, some hackers and syndicates simply want to raise their own credibility," he said.
As cyber threats continue to evolve, it is crucial for businesses, especially those in critical infrastructure sectors, to strengthen their cybersecurity measures. Annual reporting and adherence to federal regulations are essential steps, but proactive strategies and advanced security technologies are necessary to mitigate risks effectively.
The threat of data breaches and cyber attacks to Australian businesses, particularly those in critical infrastructure sectors, is real and growing. With the potential for irreversible brand damage and financial loss, companies must prioritize cybersecurity.
In other news, Tech Times reported that Russia may have hacked Ukraine's critical infrastructure. This prompted the International Criminal Court (ICC) to launch an investigation into the Kremlin's potential war crimes.