Search
Close this search box.

Gridware’s Cybersecurity in Australia Update – June Edition

Share:

We’re back again with your summary of May’s biggest cyber news. From a cyber attack against a major Australian graphic design platform, to conflicting reports that say our government agencies are both world leaders in security, and highly vulnerable to attacks. It’s been an interesting month to say the least.

Australian Graphic Design Website Suffers Data Breach

Canva, a Sydney-based site that provides graphic design tools, has announced that it discovered a data breach on the 24th of May. A hacking group known as GnosticPlayers has taken credit for the attack, and it claims to have stolen data from around 139 million Canva users.

The data is alleged to include names, usernames, email addresses, location and password hashes. The passwords were hashed and salted with bcrypt, so it is unlikely that the attackers will be able to access them, but those who were affected should still change their passwords to be safe.

GnosticPlayers has become a renowned cybercriminal gang in the past year. According to ZDNet, it claims to have stolen over one billion sets of credentials from 45 companies since February.

Victorian Patient Data Is Vulnerable to Attacks

The state’s public health system has significant flaws, leaving it vulnerable to attacks that could expose patient data, according to a report released by Victoria’s auditor-general Andrew Greaves.

The auditor-general’s report investigated Barwon Health, the Royal Children’s Hospital, the Royal Victorian Eye and Ear Hospital, as well as the Digital Health and the Health Technology Solutions branches of the Department of Human Services.

Among the findings, the report stated that these organisations have password management and access control issues, problems with physical security, and that employees have limited awareness about data security.

Because of these flaws, the investigation concluded that “Victoria’s public health system is highly vulnerable to the kind of cyberattacks recently experienced by the National Health Service (NHS) in England, in Singapore, and at a Melbourne‐based cardiology provider, which resulted in stolen or unusable patient data and disrupted hospital services.”

During the audit, penetration testers breached the security of all four agencies and accessed patient data. This is extremely worrying, because it means that hackers may also be able to access the sensitive details of patients.

If attackers steal patient healthcare data, it can be used in identity theft, bank fraud and other cybercrimes, which can be devastating to victims and hard to recover from. The report made a number of recommendations to improve overall security, including taking a more proactive approach, implementing new defences and improving employee cybersecurity training.

Report Finds Australian Public Sector Is a Global Leader in Cybersecurity

A report from Dimension Data put Australian Government organisations at the top of the list when it comes to worldwide global cybersecurity practices. This comes as a surprise, especially considering the conflicting report from Victoria’s auditor-general above, as well as general pessimism about the country’s cyber defenses.

The report found that the Australian Government was “consistently above the average benchmark across all measured capabilities.” It was rated 2.92 out of five for cyber maturity, compared to a global public sector average of 1.45.

Perhaps it’s best to view the results as a condemnation on the rest of the world, rather than praise for the Australian Government’s approach to security. Just this year, Parliament and the major political parties fell victim to attacks. It’s clear that both Australia and the rest of the world still have a long way to go when it comes to defending themselves against the latest cyber attacks.

Picture of Ahmed Khanji

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian Enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.

Contact

Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235

Company

Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →

Services

Services

Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl
360

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution

Solutions
Resources

Resources

A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →