iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
The federal government has begun running Australia’s major banks and financial organisations through scenario-based exercises in response to the growing number of cyber attacks on critical infrastructure and major institutions.
Home Affairs and Cyber Security Minister Clare O’Neil just last week announced that the government would be launching a range of exercises that would help the nation prepare for a “dystopian future” in which threat actors and organisations will hold entire digitally connected cities to ransom.
Now, the major banks have been invited to take part in war-game-style exercises to test how they would react to attacks on their systems.
In what appears to be the first of the announced exercises, the government invited representatives from the Reserve Bank, alongside the Australian Federal Police, Australian Prudential Regulation Authority, and the Australian Securities and Investments Commission to take part in a three-hour tabletop exercise.
The exercise examined how the agencies would respond to an attack and work in conjunction to mitigate the consequences of an attack that saw highly sensitive information stolen and networks encrypted, as has been the case with many of the recent ransomware attacks affecting Australian organisations.
The government announced that similar exercises would soon be conducted with individual banks before expanding into other industries, such as critical infrastructure and the aviation sector.
“We’re conducting exercises where we play through what it would look like to have a major bank, for example, come down in a cyber attack,” said Minister O’Neil.
“How would government work with that company to get services back online? If one of our big four banks is down, who can assist in providing services to those customers? How can we make sure the country continues to function properly while we solve the problem?”
The exercises come after the cyber minister called the recent Optus and Medibank hacks the “tip of the iceberg” and said that the organisations conducting these attacks are “becoming more professionalised, industrialised, powerful and effective”.
Minister O’Neil called state-sponsored actors the “apex predators” but said that those targeting organisations and infrastructure for financial gain were “public enemy number one”.
With the introduction of the exercises and work on a new cyber security strategy to run until 2030, the government is bolstering its defences against critical infrastructure attacks.
“[These attacks are] real and consequential … but when you think about the impacts of the failure of a major hospital, the interruption of a traffic network or serious disruption of our banking system, the impacts can get much worse,” said Minister O’Neil.
“Consider what damage could be caused if attackers intentionally try to degrade trust in a major system we depend on, like telecommunications or banking. We need to plan for utilities to go down, for hospital systems to be under attack.”
Minister O’Neil has said that as every business is a target, every single Australian is at risk. The goal of the government is to ensure that in the event of a cyber attack, it will have “no profound impact” on Australian citizens’ lives.
In addition to the exercises and the new cyber security strategy, the government has announced the creation of a new National Office for Cyber Security within Home Affairs, which will be led by a national cyber coordinator. The new office will overlook the response to future cyber attacks.
Be the first to hear the latest developments in the cyber industry.
