An investigation commissioned by Commvault, an American security firm, revealed last week that Australian companies are recovering more quickly from cyberattacks due to enhanced preparedness and stricter government regulations.
The alarm bells rang for Australia regarding cybersecurity in 2022, with notable data breaches rocking the landscape. The first major incident involved Optus, one of the nation’s largest telecommunications companies. In September of that year, hackers unlawfully accessed a considerable amount of customer data, including driver’s licenses and governmental identification numbers.
Optus later acknowledged that millions of customers were affected by the breach. In response, they offered credit protection and assistance with altering any compromised identification numbers.
A month later, Medibank, a private health insurer, faced its own attack. Cybercriminals deployed ransomware, threatening to leak sensitive medical records of millions unless they were paid off.
The attackers were identified as part of a Russian ransomware group known as Revil, demanding $1 for each of the 9.7 million affected customers. Medibank chose not to pay the ransom, and an Interpol investigation ensued, leading to the identification of a key suspect, a 33-year-old Russian named Alexander Gennadievich Ermakov.
In examining the Optus hack, experts discovered that a neglected backdoor in the system allowed attackers to infiltrate through unsecured application programming interfaces (APIs). Once inside, they could swiftly access and steal data from Optus’ customer database.
Conversely, Medibank faced challenges despite having multifactor authentication; hackers managed to acquire login details from legitimate users. The cybercriminals exploited an employee’s saved credentials that were accessible via a browser, paving their way into the system.
In Medibank’s case, some employees had administrative access to various parts of the network. Although the security measures detected intruders, hackers lingered undetected for nearly two months, absconding with 500 gigabytes of sensitive information.
The combined impact of the Optus and Medibank breaches prompted Australian authorities to enforce new cybersecurity regulations, addressing the authentication and security issues revealed during these incidents. Companies are now required to report data breaches to both the government and the public more swiftly.
According to the Commvault study, businesses in Australia and New Zealand now recover from cyberattacks 38% faster than in the previous year. The average recovery time has dropped to 28 days, down from 45 days in 2024. However, recovery times still fall behind the global average of 24 days.
An interview with a representative noted, “I attribute this improvement to organizations being more cognizant of the situation, along with tighter regulatory requirements.” However, the outlook isn’t entirely positive. The same Commvault survey highlighted that fewer than one-third of Australian companies could effectively respond to cyberattacks, with 12% lacking formal response strategies.
Many industry experts voiced concerns over the Commvault findings, suggesting that numerous Australian companies—and businesses globally—only show genuine commitment to cybersecurity when faced with regulatory pressures.
Cragan stated that since 2022, there has been a noticeable uptick in business concern regarding security. Executives are now wary of the legal implications surrounding cybersecurity incidents, understanding that they could be held accountable for substantial damages. There’s a sense that Australia has been slow to prioritize security measures, while companies in other nations have built robust defenses over decades and trained their employees on best practices.
