Hospital facilities in Australia have been cautioned that they are likely to be forced to pay ransoms to threat actors in order to protect patients, as the threat to cyber security grows in the wake of "wake-up call" attacks.
In the aftermath of massive hacks that affected millions of Medibank and Optus customers, the alarming alert is at the top of the list of predictions made by cyber security experts as we are approaching year 2023.
According to the cybersecurity firm, Palo Alto Networks, it is high time that the hospitals, government agencies and businesses start considering whether they would be paying ransom and how much they would pay.
It’s Just the Beginning
Mohiuddin Ahmed, a senior computing and security lecturer at Edith Cowan University, asserts the sentiments. He did not only predict the increasing threats over the upcoming year, but also an increase in attacks on Australia's vital infrastructure, with "highly digitized" hospital systems among the prospective targets.
He warns saying, it is “just the beginning” for cyber attempts and attacks.
The recent breaches on Medibank and Optus would prompt criminals to wonder if Australia has other vulnerabilities.
"We use lots of internet-connected healthcare devices and if those devices are hacked and remotely compromised by these cyber criminals, we'll be left in a situation where we have to pay ransom, otherwise people's lives will be at stake," Dr. Ahmed says.
"Imagine that for senior citizens using pacemakers or any other embedded or implanted devices […] Who knows, if we do not pay attention, if we do not follow cyber hygiene, things [may] go catastrophic,” he adds.
According to Dr. Ahmed, International threat actors are apparently targeting Australia, partly due to its affluence and partly since the COVID pandemic has increased the cost of living.
Cybercrime: a Battlefield
Cyber security researcher Mamoun Alazab on the other hand equates cybercrime to a battlefield, saying it is a matter of time when - not if – Australia will witness data leaks, eventually affecting more people than in the Medibank and Optus data breach cases.
The associate professor of information technology at Charles Darwin University anticipates that the government will now be better organized in terms of cyber warfare, since it has become a part of national security.
While Cyber Security Minister Clare O’Neil announced last month of a 100-strong standing cybercrime operation, that would be put to action by the federal police and Australian Signals Directorate. Dr. Alazab warns that publicly announcing the operation could entice criminals into attempting more cyberattacks.
"We focus so much on [Australia's] offensive operation — we need to focus on the defensive operation […] We are encouraging other … criminal groups to get together to prove us wrong, to cause more embarrassment," Dr. Alazab said.
