Australia’s media and telecoms sector saw most data breaches in 2022

The year of 2022 was a prolific one for cyber attacks in Australia, with a record number of breaches reported when compared with previous years. The media and telecoms industry alone accounted for 72% of Australia’s 50 million stolen credentials, followed by the public sector which accounted for nearly 20% of the country’s total data breaches.

Those were some of the findings revealed by threat intelligence supplier Flashpoint in a report on Australia’s cyber threat landscape, a data-driven analysis of emerging security and intelligence trends that impacted organisations in the public and private sectors in 2022.

According to the report, poor cyber security practices were among the factors that contributed to data breaches in Australia. In the public sector, for example, Flashpoint analysts observed security incidents throughout the year where government workers and contractors had used personal emails on government systems to subscribe to services that were unrelated to their jobs.

In the media and telecoms sector, which includes companies that provide web hosting, data processing and programming design services, a “lax security culture” exacerbated by the shift to remote work had made them more vulnerable to data breaches, the report noted.

Fraud and phishing campaigns were among the common methods employed by threat actors. However, ransomware attacks were increasingly being used by advanced persistent threat (APT) groups, such as those launched against Optus and Medibank. Flashpoint identified a record 56 successful ransomware attacks aimed at Australian organisations alone.

Flashpoint’s data also found that more threat actors were focused on obtaining email addresses and account credentials, though all personally identifiable information was at risk of being exfiltrated for financial gain.

The cyber incidents of 2022 have spurred the Australian government to appoint a coordinator for cyber security, with the country now ranking first among global peers for cyber progress. These changes are timely as Flashpoint’s report indicates attacks are on track to increase further in 2023.

Ben Gestier, Flashpoint’s senior intelligence analyst and team lead in Asia-Pacific and EMEA, said there has never been a more pressing need for an “all-hands on deck approach” to cyber crime, a sentiment in line with Australian prime minister Anthony Albanese announcing that “strengthening Australia’s cyber security is a fundamental priority”.

“Security and intelligence teams responsible for protecting their assets, data and infrastructure must resist identifying and mitigating cyber threats in silos,” said Gestier. “A nation’s risk landscape is too volatile and complex for a single business or government to decipher in full. An all-encompassing view of risk is needed to shore up defences and mitigate attacks when they occur.”