Corporate insurers regularly pay hackers a ransom in exchange for stolen customer data, according to a top Australian government cybersecurity provider, as the country’s largest health insurer revealed the scope of a recent breach on Tuesday.
The claim from Macquarie Telecom Group Ltd, which manages cybersecurity for 42 per cent of Australian federal employees, including the Australian Taxation Office, suggests a lack of preparedness in an industry that has been in the spotlight recently due to a wave of high-profile hacks.
“These are the largest corporations in the world, falling over themselves to pay criminals as fast as possible to cap their liability,” Macquarie CEO David Tudehope told Reuters in an interview, referring to cyber insurance firms that he did not name. “In what other sphere of life do you see reputable corporates pay millions of dollars to criminals and somehow it’s all okay?”
Tudehope added that insurers who paid ransom to hackers had no way of ensuring data deletion, which meant sensitive customer information remained at risk of being exposed online.
This month, Medibank Private Ltd (MPL.AX), Australia’s largest health insurer, revealed that a criminal had shown it stolen personal health data of 100 of its 4 million customers and demanded payment for the data’s return. On Tuesday, Medibank announced that the criminal had revealed the personal information of another 1,000 customers, and that the number was likely to grow.
Optus, the country’s No. 2 telco, said last month that a hacker demanded payment after stealing data from about 10 million customer accounts, equivalent to 40% of the Australian population.
A person claiming to be the Optus hacker later withdrew the demand due to privacy concerns.
Meanwhile, the federal government has announced that companies that suffer data breaches will face fines of up to A$50 million.
“This is an enormous wake up call for the country,” Cyber Security Minister Clare O’Neil told parliament. “We need to do more as a country to step up.”
O’Neil added that a national crisis management group formed during the COVID outbreak was activated on Saturday and has met three times to discuss the Medibank hack.
Tudehope, the CEO of Macquarie Telecom, declined to comment on specific incidents, but blamed underprepared cybersecurity chiefs who were too focused on internal stakeholder management and overly reliant on all-in-one protections such as firewall software.
“The challenge in cyber is it just changes so quickly and the people in senior management who, in many cases, do not have the background in cybersecurity because it wasn’t a thing as they worked their way up through their career,” Tudehope said.
“They’re making decisions they don’t have a strong understanding of in many cases,” he added. “The people who have a deeper level of IT security (knowledge) are often at junior or middle levels of an IT department or government agency.”
According to Tudehope, most businesses will face cyber attacks and should have a recovery plan in place, such as having confidential data backed up frequently in a separate location to ensure hackers cannot access it.
(Adapted from NDTV.com)