Australia had 16 major cyber-attacks against Australian organisations, which were trying to be “cyber extortion attacks”, claimed CyberCX Cyber Intelligence Director Katherine Mansted. Recently, millions of Australians had their privacy breached in cyber attacks on Optus, Medibank and other companies.
Cybercriminals stole sensitive health and financial data which was put up for sale on the black market and can be used for ransom, blackmail or fraud.
The black market for stolen information has been thrust into the spotlight following aggressive data theft from Optus and Medibank over the past two months and smaller businesses becoming victims of hacks.
As a result, the Albanese government launched a joint taskforce involving the Australian Federal Police and the Australian Signals Directorate to “hack the hackers” and disrupt cyberattacks before they begin.
Ms Manstead told Sky News Australia: “So, these are the less likely but really high impact type of cyber-attacks that Australian organisation face.
“The ransomware attack or the data theft extortion attack like that experienced by Medibank when the cybercriminals come in, they lock up your system or they steal your most sensitive data.”
A disturbing trend observed by cyber security experts is the use of the “clear web” to publish data which has been stolen in attacks.
Unlike the dark web, this information could be accessible to anyone using the internet simply conducting a Google search.
Stolen data from the Optus and Medibank hacks were published on the clear web in an attempt to extort the companies.
READ MORE: XR activist who caused £100k damage weeps at prospect of prison
Meanwhile, Medibank is set to shut down its IT systems, retail stores and customer contact centres this weekend as it overhauls its online security.
“Operation Safeguard” will see systems shutdown from 8:30pm on Friday, with the insurer claiming it expects things to be back up and running on Sunday “at the latest”.