Australian Defense Department Hit by Ransomware Attack

Australian Defence Department has been hit by a ransomware attack. No information about former or serving military personnel was stolen or compromised.

The Defence Secretary stated that the issue was being considered “very seriously”. As per Assistant Defence Minister Matt Thistlethwaite, the department was cautious by alerting every employee despite no information theft. Defence has advised its employees to change their passwords as well as choose two-factor authentication.

“I want to stress this isn’t an attack or breach on Defence ICT systems,” Mr Thistlethwaite told ABC radio. “It’s on external provider Defence contracts to run one of their websites.”

Military personnel who think they may be impacted have been offered cyber security.

The announcement from the Defence Department comes in the wake of a recent spate of high-profile attacks on powerful institutions that have made millions of Australians more susceptible to economic and identity fraud.

Each of Medibank’s four million clients, as well as those of its budget arm AHM, got their private information exposed. Personal information as well as significant amounts of health claim data from Medibank and AHM clients were accessed.

“We have evidence that the criminal has removed some of our customers’ personal and health claims data and it is now likely that the criminal has stolen further personal and health claims data,” the company stated.

This leak occurred following an Optus breach in September, where nearly 10 million current and previous customers had their private license, passport, and Medicare information stolen.

Treasurer Jim Chalmers said that the government would alter telecommunications laws to permit the temporary sharing of driver’s licenses, passports, and Medicare data with financial services in order to protect those impacted from fraud and identity theft.

Cybercrime specialists, however, say that in order to effectively address data theft, the government must shift its attention away from suspects of terrorism and other offenses and toward the risk of information theft.

Suggested Read: Australia Lags Behind in Extending FATF’s AML/CFT Recommendations to DNFBPs