Australia’s social media legislation has changed with the inclusion of YouTube in the country’s list of proscribed entities subject to the under-16 ban, marking an expansion of what will become the world’s first comprehensive social media restriction for minors.

The Australia YouTube ban represents a policy shift, after the government initially exempted the Google-owned platform from restrictions that already include TikTok, Instagram, Facebook, X, and Snapchat.

Prime Minister Anthony Albanese announced the policy reversal on Wednesday, emphasising the government’s commitment to protecting young Australians from digital harm. “Social media is doing social harm to our children, and I want Australian parents to know that we have their backs,” Albanese said. “There is no one perfect solution when it comes to keeping young Australians safer online – but the social media minimum age will make a significantly positive difference to their wellbeing.”

The decision to include YouTube in the ban came after Australia’s eSafety Commissioner Julie Inman Grant recommended the platform’s inclusion last month, citing it as “the most frequently []mentioned] platform” where children aged 10 to 15 years encountered harmful content.

The recommendation is despite YouTube’s assertions that it shouldn’t be classified as social media, with the company stating in a statement on Wednesday that the platform “offers benefit and value to younger Australians.”

Under the expanded legislation, the Australian YouTube ban will prevent teenagers from creating accounts, required for uploading content or interacting through comments. However, young users will retain the ability to view videos without accounts, maintaining access to educational and entertainment content while limiting their exposure to potentially harmful interactive features.

Federal Communications Minister Anika Wells defended the government’s approach, stating: “There’s a place for social media, but there’s not a place for predatory algorithms targeting children.” She described trying to protect children from the harms of the internet as “like trying to teach your kids to swim in the open ocean with the rips and the sharks compared to at the local council pool.”

The minister’s comments came in response to reports that Google had threatened legal action if YouTube was included in the ban, arguing such restrictions would limit political freedom. Wells dismissed these concerns, stating: “We can’t control the ocean, but we can police the sharks and that is why we will not be intimidated by legal threats when this is a genuine fight for the well-being of Australian kids.”

The comprehensive nature of Australia’s approach extends beyond access restrictions. Tech companies face substantial penalties of up to A$49.5 million for non-compliance with the age restrictions. The legislation requires platforms to deactivate existing accounts for under-16 users, prevent new account creation, and work actively to stop workarounds and correct implementation errors.

Exclusions to the ban remain in place for “online gaming, messaging apps, health and education services” as they “pose fewer social media harms to under 16s,” according to the official rules. The legislation will begin implementation on December 10, 2025. It is attracting international attention, with Norway announcing similar measures and the UK considering following Australia’s lead.

Australia’s legislative approach contrasts with developments in other markets, where platforms are implementing or starting to enforce their own age verification measures. While Australia mandates restrictions through legislation, the United States is witnessing voluntary platform initiatives to address similar concerns about youth safety online.

In a notable parallel development, YouTube announced this week that it will deploy artificial intelligence technology to identify US viewers under 18, beginning August 13, 2025. The AI-powered “age estimation model” will analyse user behaviour, including video search patterns, viewing categories, and account longevity to determine whether users are likely under 18 years old.

Google says YouTube’s AI system will “interpret a variety of signals that help us to determine whether a user is over or under 18,” including “the types of videos a user is searching for, the categories of videos they have watched, or the longevity of the account.” When the system identifies teen users, it will automatically apply age-appropriate protections, including disabling personalised advertising and implementing digital wellbeing tools.

If the system incorrectly identifies adult users as minors, they can verify their age using “a credit card, government ID, or selfie.” Only verified adult users will be able to access age-restricted content on the platform.

The timing of parallel developments in Australia and the United States highlights the growing global focus on protecting young people from potential digital harms.

YouTube’s response to the Australian legislation remains measured, with a spokesperson stating the company will “consider next steps” and “continue to engage” with the government. The diplomatic approach suggests ongoing negotiations as the December implementation date approaches.

The global implications of Australia’s legislation extend beyond its borders, as governments worldwide observe the practical implementation challenges and effectiveness of such comprehensive age restrictions. The success or failure of the YouTube ban in Australia could influence similar legislative efforts internationally, making Australia an important test case for the future of youth protection in digital spaces.

Find out more about the Digital Marketing World Forum series and register here.

The post Australia includes YouTube in under-16 ban after removing platform exemption appeared first on TechWire Asia.

Qantas says someone claiming to be behind a recent data breach has reached out to the airline, following an attack that may have exposed the personal details of up to 6 million customers.

In a statement, a Qantas spokesperson said the airline is working to confirm the legitimacy of the contact. The matter has been referred to the Australian Federal Police (AFP), but the company declined to say if a ransom was involved.

“There is no evidence that any personal data stolen from Qantas has been released,” the spokesperson said. “With the support of specialist cybersecurity experts, we continue to actively monitor.”

The AFP also confirmed it is investigating and will provide more information at a later stage. “The airline has been highly engaged in assisting authorities and the AFP with investigating this incident,” it said.

The breach, which occurred on July 2, targeted a third-party system connected to a Qantas call centre. The data potentially accessed includes customer names, email addresses, phone numbers, and dates of birth. The airline says it shut down the suspicious activity quickly, but a significant amount of data may have been taken.

Qantas added that no credit card, financial, or passport information was involved, and login credentials, such as passwords or PINs, were not accessed. Frequent flyer accounts were also unaffected.

The identity of the attacker remains unknown. However, the tactics used match those of a group known as Scattered Spider, which has previously been linked to attacks on other large companies, including UK retailer Marks & Spencer.

Unlike many cybercrime groups based in Russia or Eastern Europe, Scattered Spider is believed to include native English speakers. This has allowed the group to use voice-based social engineering tactics—sometimes called “vishing”—to bypass security systems.

These attacks often involve calling a company’s IT support, posing as employees or contractors to trick help desk staff into granting access or turning off multi-factor authentication.

“Native English authenticity can sometimes lead to an automatic sense of trust. There is a level of perceived familiarity that might cause personnel or even IT teams to lower their guard slightly,” said Nathaniel Jones, vice-president of threat research at Darktrace, highlighted by The Guardian.

In recent months, Scattered Spider has reportedly targeted US airlines using these same tactics.

Social engineering attacks are becoming more common in Australia. The Office of the Australian Information Commissioner (OAIC) reported that nearly a third of all malicious or criminal data breaches in the second half of last year were linked to social engineering. Government agencies were hit particularly hard, accounting for 60 of the 115 reported incidents—up 46% from the previous period.

Google has also flagged similar tactics in recent threat reports, pointing to a rise in impersonation-based attacks across multiple sectors.

The Qantas breach adds to a growing list of cyberattacks that have affected major Australian organisations. Optus, one of the country’s top telecom providers, was hit by a breach that exposed personal information from millions of customers. Medibank, a major health insurer, suffered an attack that resulted in medical data being leaked online.

There have also been concerns about the security of Australia’s retirement savings system after cybercriminals targeted the $4 trillion superannuation sector.

These incidents have put more pressure on companies and regulators to strengthen their cybersecurity practices. While many firms are investing in new tools, recent breaches suggest that basic controls—like verifying internal access requests and monitoring third-party systems—still fall short.

The post Qantas says group claims responsibility for frequent flyer data breach appeared first on TechWire Asia.

Zebra Technologies wants to change how AI-powered frontline operations to reshape Asia Pacific’s business landscape in 2025, as Asian organisations face pressure to maximise efficiency. The transformation comes at a important time – CISQ estimates that poor software quality cost US businesses alone $2.41 trillion in 2022, underscoring the urgent need for practical, purpose-driven technology solutions that deliver accurate results.

“Elements of our three-pillar strategy have been around for quite some time, but what’s changing the frontline today is intelligent automation,” said Tom Bianculli, chief technology officer at Zebra Technologies, speaking to reporters at a briefing during Zebra’s 2025 Kickoff in Perth, Australia. “We’re not just digitising workflows – we’re connecting wearable technology with robotic workflows, enabling frontline workers to interact with automation in ways that were impossible just five years ago.”

Changing retail with AI-powered frontline operation

The transformation is already yielding results in real-world applications, according to Zebra Technologies. Bianculli highlighted a recent co-innovation with a major North American retailer: “You snap a picture of a shelf in one second, the traditional AI identifies all the products on the shelf, identifies where there’s missing product, maybe misplaced product. Then it makes that information available to a genAI agent that then decides what should you do.” What traditionally required multiple manual steps now happens automatically. “If it sees what’s missing and there’s back stock, it automatically generates a task for someone else, the right person, to fill that back stock,” Bianculli explained. He said the automation enables retailers to accomplish with three people what previously required four.

APAC’s strategic transformation

The APAC region is proving to be particularly receptive to these types of innovations. According to IBM research presented at the briefing, 54% of APAC enterprises now expect AI to deliver long-term innovation and revenue generation opportunities. The region’s 2025 AI investments reflect that optimism:

• 21% of investment is focused on enhancing customer experiences
• 18% is directed at business process automation
• 16% is invested in sales automation and customer lifecycle management

Ryan Goh, senior vice president and general manager of Asia Pacific at Zebra Technologies, showcased practical applications already in use: “We have customers in e-commerce using ring scanners to scan packages, significantly improving their productivity compared to traditional scanning methods,” he said.

Technology at the edge

Zebra’s approach to frontline operations focuses on:

1. AI devices: Built with native neural architecture to support on-device AI models
2. Multimodal experiences: Models that can see, hear, interpret, and speak just like a cognitive human being
3. GenAI agents: Models that distribute workload between device and cloud for specific workflows

“We are also working [running] some of these large language models actually down on the device,” Bianculli revealed, presenting solutions for environments where there is no internet connectivity. “If we can run the model down on the mobile computer, we can still enable those use cases in those environments.”

Market-specific solutions

The company’s regional strategy addresses distinct markets in the APAC’s diverse economic landscape. Ryan expressed optimism for the region’s key markets, particularly as now follows a period of market adjustment during which customers had previously overbought. Technology adoption is surging in India, for example, where GDP is projected to grow by 6.6%, with manufacturing showing 7% year-over-year growth. 96% of Indian organisations surveyed by WEF are running AI programs, the press were told, and the company’s focus is on enhancing operational efficiency through foundational technologies.

“Tech – from barcodes and RFID, will enable sectors like logistics to overcome challenges and grow,” Goh explained, stating how basic automation can drive digital transformation.

Japan presents unique opportunities, with a projected 1.2% GDP growth and 70% GDP derived from services. Transport and logistics and rising domestic and tourist retail activity are the primary growth-drivers. The country’s distinct challenge with labour shortages and an ageing workforce is accelerating automation adoption. This has led to unexpected applications of some of Zebra’s solutions, particularly in the tablet sector.

“We used to think that tablets are for retail, but the Bay Area proved us wrong,” Goh said. “A lot of [tablets] are in manufacturing. We have also recently launched our new tablet portfolio. KC50 is a kiosk that enables retailers to move the task of scanning payment right to customers rather than having staff do it.” The shift exemplifies how market-specific challenges are driving innovative application of existing technologies. For example, in regional implementations, Goh said customers can unexpectedly optimise workflows. “We have a customer optimising workflow in their warehouse with RFID. That helped improve [and] optimise workflow, drive efficiency and reduce mistakes.”

Future-ready operations

According to Gartner’s projections, by 2027, 25% of CIOs will use augmented connected workforce (ACWF) initiatives to reduce training times by 50% for certain roles. This aligns with Zebra’s recent announcement of its Z Companion that uses generative AI and large language models. It’s set for pilot deployment with select customers in Q2 of this year. With approximately $5B in global sales, 120+ offices in 55 countries, and 10,000+ channel partners across 185 countries, Zebra is positioning itself in the middle of the region’s transformation.

The post AI-powered frontline ops: Zebra Technologies’ vision for APAC appeared first on TechWire Asia.

Australian teenagers under 16 will be locked out of social media platforms under sweeping new laws announced by Prime Minister Anthony Albanese on November 7. The unprecedented ban, which could take effect late next year, marks any country’s most authoritarian stance to shield young people from social media’s influence.

If you think TikTok dances and Instagram stories are harmless teen pursuits, the Australian government disagrees. Its world-first package of measures goes beyond typical age restrictions, introducing biometric verification systems and government ID checks to enforce the ban. Unlike similar policies elsewhere, Australia’s approach offers no wiggle room—not even with parental permission.

While other countries have introduced various forms of social media regulation for young users, Australia’s vigorous enforcement mechanisms break new ground with its absolute stance: no parental consent exceptions, no ‘grandfather clauses’ for existing accounts, and the implementation of sophisticated age verification methods, including biometrics and government-approved.

“Social media is harming our kids, and I’m calling time on it,” Albanese told a news conference, according to Reuters. “If you’re a 14-year-old kid getting this stuff, at a time where you’re going through life’s changes and maturing, it can be a really difficult time, and what we’re doing is listening and then acting.”

The newly-unveiled comprehensive package of measures signals a significant shift from the current self-regulatory framework, which has primarily left social media platforms to set their own rules regarding young users. The age verification trial, a cornerstone of the new policy, marks uncharted territory in social media regulation. 

Australia is the only jurisdiction that has attempted to implement such stringent verification methods, making it a test case for whether such measures can effectively restrict youth access to social media platforms. Albanese said legislation will be introduced into the Australian parliament this year, and the laws will come into effect 12 months after being ratified by lawmakers.

“The onus will be on social media platforms to demonstrate they are taking reasonable steps to prevent access,” Albanese said. “The onus won’t be on parents or young people.” Inevitably, the success or failure of Australia’s approach could influence global policy decisions on digital youth protection.

The absence of a parental consent option is particularly noteworthy, as it removes what has traditionally been a common exception in digital age restrictions. This absolute approach suggests a fundamental shift in how governments view the role of parental discretion in children’s digital lives.

The proposed legislation will certainly raise several critical questions about implementation and enforcement. How will the biometric verification system work in practice? What measures will be in place to protect the privacy of young users during the verification process? How will the ban affect Australian teenagers relying on social media platforms for social connection and educational purposes?

From a privacy perspective, there would also eventually be concerns about the collection and storage of biometric data from young people. Nevertheless, social media platforms, which have historically resisted strict regulation, must adapt their operations significantly to comply with these new requirements in the Australian market. 

The technical challenges of implementing robust age verification systems and the complete ban on under-16 access present unprecedented operational challenges for these companies. As the legislation moves toward implementation in late 2025, it will likely spark intensive discussion about the future of social media regulation and youth digital rights globally.

The post Australia sets global precedent with strict teen social media ban appeared first on TechWire Asia.

China finds itself at the heart of global scrutiny once more. Following its recent shift in tech policy, including the move to phase out AMD and Intel microprocessors in governmental applications, serious allegations have emerged from the U.S. and the UK. Authorities in these countries have leveled charges, imposed sanctions, and accused Beijing of orchestrating a vast cyberespionage campaign, reportedly affecting millions, including lawmakers, academics, journalists, and companies, notably in the defense sector.

Termed Advanced Persistent Threat 31, or “APT31,” this hacking ensemble is characterized by officials as a branch of China’s Ministry of State Security. A broad spectrum of individuals and entities has been identified as targets, encompassing White House personnel, U.S. senators, British legislators, and international officials critical of Beijing, as reported by Reuters.

Although specific victims have not been fully disclosed, it’s clear that over the past decade, these hackers have penetrated defense contractors, dissidents, and various sectors in the U.S., such as steel, energy, and apparel. They’ve also targeted leaders in 5G and wireless technology, extending even to the spouses of prominent U.S. officials and lawmakers.

Deputy U.S. Attorney General Lisa Monaco stated that the operation aimed to stifle criticism of the Chinese regime, compromise government institutions, and steal trade secrets.

A recent indictment of seven alleged Chinese hackers has brought to light the magnitude of their operations, detailing breaches involving work accounts, personal emails, and more, impacting millions in the U.S. British officials have also highlighted APT31’s hacking of key UK lawmakers and have connected another group of Chinese spies to a significant breach of Britain’s electoral commission.

International reactions and repercussions on the “China hacking”

In response, Chinese officials in the UK and U.S. have dismissed these allegations as unfounded and slanderous.

Amidst these disclosures, the UK and U.S. have sanctioned individuals and entities believed to be linked to China’s state security apparatus and involved in these cyber operations.

This situation intensifies the already heightened tensions between Beijing and Washington over cybersecurity, with each side increasingly accusing the other of espionage. China has retorted with allegations of U.S. cyber intrusions into major Chinese corporations, such as Huawei Technologies.

One notable incident highlighted by U.S. prosecutors involved targeting staffers from a U.S. presidential campaign in 2020, corroborating Google’s reports of malicious emails sent to President Joe Biden’s campaign team, though no breach was confirmed.

The hacking of a significant American public opinion research firm in 2018, during the U.S. midterm elections, underscores the hackers’ strategic interest in political entities for their invaluable intelligence and data.

John Hultquist, chief analyst for U.S. cybersecurity intelligence firm Mandiant, has pointed out the substantial value political organizations offer to espionage efforts, underlining the critical insights and extensive data they provide to actors like APT31 in search of geopolitical intelligence.

The global stage of cyber warfare

The narrative has broadened beyond the initial U.S. and UK accusations against China regarding cyberespionage. The New Zealand government has also come forward, expressing its concerns to the Chinese government about a state-backed cyberattack on New Zealand’s parliament in 2021, discovered by the country’s intelligence services. This incident contributes to the intricate landscape of international cyber tensions.

This exposure of unauthorized access to New Zealand’s parliamentary systems through malicious cyber activities aligns with the allegations of cyberespionage by Britain and the U.S. against China. New Zealand and Australia have both denounced these extensive cyber operations.

New Zealand’s Foreign Minister, Winston Peters, has criticized such foreign interference as unacceptable. He highlighted that New Zealand has conveyed its concerns about cyber activities attributed to Chinese government-sponsored groups targeting democratic institutions in New Zealand and the UK to the Chinese ambassador.

The Chinese Embassy in New Zealand has not yet commented on these accusations.

We reject outright the groundless and irresponsible accusations against China on cyber attacks or intrusions, and have lodged serious démarches to New Zealand’s relevant authorities, expressing strong dissatisfaction and resolute opposition.

Cybersecurity is a global challenge.…

— Wang Xiaolong (@AmbChina2NZ) March 26, 2024

The New Zealand Communications Security Bureau (GCSB), in charge of cybersecurity and signals intelligence, has linked a state-sponsored Chinese entity, known as Advanced Persistent Threat 40 (APT40), to the malicious cyber activities against New Zealand’s parliamentary services and parliamentary counsel office in 2021. The GCSB associates APT40 with the Ministry of State Security, noting that while no sensitive or strategic information was compromised, the attackers extracted technical data, potentially enabling further intrusive activities.

According to the GCSB, a notable portion of the malicious cyber events targeting nationally significant organizations last year were traced back to state-sponsored actors, not exclusively China. The bureau also criticized similar cyber activities linked to Russia.

Judith Collins, the minister responsible for the GCSB, stated that cyberespionage efforts targeting democratic institutions are universally condemnable.

Towards a unified stance against cyber intrusions

This development follows charges, sanctions, and accusations by American and British officials against Beijing, accusing it of conducting a widespread cyberespionage campaign that allegedly affected millions globally, including lawmakers, academics, journalists, and businesses, such as defense contractors. The group behind these activities, identified as Advanced Persistent Threat 31 or “APT31,” is said to be an extension of China’s Ministry of State Security, with a broad list of global targets reported by officials from the two countries.

A joint statement from Australia’s Foreign Minister Penny Wong and Home Affairs Minister Clare O’Neil criticized the continuous cyber targeting of democratic institutions, emphasizing the adverse impact on democratic and open societies like Australia. They stated that such behavior is unacceptable and must cease.

In 2019, Australian intelligence attributed a cyberattack on its national parliament and the country’s three largest political parties before the general election to China, though the Australian government has not officially confirmed the perpetrator.

Well, it looks like the cyber saga is thickening, with China in the hot seat for allegedly orchestrating a vast network of cyberespionage that spans continents. The U.S., UK, New Zealand, and Australia are ramping up their cybersecurity defenses and calling out China’s actions on the global stage. It’s a classic case of “your move, China,” as the international community tightens its ranks against these cyber intrusions.

But what does the future hold? Well, if history has taught us anything, it’s that with every action comes a reaction. China might double down on its cybersecurity measures and retaliate, or perhaps, just perhaps, this international spotlight could usher in a new era of cyber diplomacy. In a world where technology continues to blur the lines between the possible and the impossible, who’s to say what the future might hold? One thing’s for sure: the global dialogue on cybersecurity is heating up.

The post Global concerns rise over alleged cyber hacking activities linked to China appeared first on TechWire Asia.

Generative AI’s marketing narrative has caught everyone’s attention, heralding a new era where it reshapes business strategies, particularly in learning and development. This comes at a critical juncture, where acquiring digital skills is beneficial and essential for businesses and their workforce. However, a recent study has highlighted a surprising trend: many Australians seem to underestimate the impact this technology could have on their professional lives.

A collaborative study conducted by RMIT Online and Deloitte Access Economics has shed light on an alarming gap in Australians’ understanding of generative AI’s potential to disrupt existing job roles. This lack of awareness is especially concerning, given the rapid pace of digital transformation across industries.

The skills gap in digital competencies among both employers and employees is becoming increasingly apparent. Employers have noted a particular shortage in digital skills within their organizations, with a significant emphasis on generative AI, machine learning, data science, coding, and cybersecurity. This scarcity has led businesses to offer a considerable premium for these in-demand skills. Meanwhile, employees have acknowledged an even more acute shortage of digital skills, exacerbating fears about future job security in the face of emerging technologies.

Generative AI in the workplace: Use and relevance

This growing demand for digital skills underscores the urgency with which the Australian economy needs to address these skill shortages. Reports by Deloitte and the Australian Computer Society (ACS) project that an additional 1.3 million digital skills will be required by 2030 to keep pace with AI and data analytics advancements. This necessity is mirrored in the workforce’s sentiment, where most recognize the looming integration of technologies like generative AI into their daily tasks.

Despite the clear trajectory towards a more digitally integrated workplace, nearly half of the employees surveyed admit to having never used generative AI in their current roles, often citing its perceived irrelevance to their work. This viewpoint starkly contrasts with studies indicating that most occupations will eventually interact with these technologies. Employees do recognize the importance of digital literacy for their future success, although they underestimate the value of specific skills like data science and analytics.

The report reiterates the disconnect between employees’ current use of generative AI and their understanding of its relevance, despite widespread indications of its impending impact across various occupations. Furthermore, Deloitte’s research reveals that a mere fraction of Australian businesses feel fully equipped to adopt and utilize AI technologies effectively.

With digital skills in high demand, businesses are prepared to offer premiums for candidates proficient in data and digital competencies. This readiness highlights the critical skill gap in the Australian workforce, further magnified by the advent of AI and other pivotal technologies. RMIT Online’s CEO, Nic Cola, stresses the importance of proactive reskilling and upskilling to navigate the challenges posed by these technological shifts.

Echoing the need for a swift response to the evolving digital landscape, John O’Mahony of Deloitte Access Economics points out the unique advantages of generative AI in enhancing traditional learning and development. Its capability to produce customized content can significantly boost employee learning efficiency and knowledge retention.

Facing the future: The urgent need for strategic workforce development

Despite these insights, many employers have yet to introduce generative AI training within their organizations, underscoring a broader unawareness or hesitancy towards embracing these technologies. This reluctance occurs even as specific industries are poised for rapid and profound changes due to this revolutionary technology, emphasizing the critical need for a strategic approach to workforce development in the face of digital transformation.

Generative AI stands out from prior technological advancements with its ability to process vast amounts of unstructured data, eliminating a significant hurdle for business adoption. Its capability to generate new, multimodal content from straightforward user prompts opens up intelligence use to a wider audience, without requiring a background in computer science.

Currently, a mere 5% of Australian businesses are completely ready to integrate and utilize AI in their workflows. However, a substantial portion of the workforce and student body—32% of employees and 58% of students—already engage with generative AI, pushing its adoption across various sectors.

The main economic advantage of generative AI lies in its ability to enhance productivity by automating mundane and labor-intensive tasks. According to Deloitte’s survey on generative AI, regular users of these tools can save an average of 5.3 hours weekly. Those equipped with the skills to effectively employ the technology are at the forefront of these productivity improvements, with 59% of employees planning to enhance their generative AI skills within the following year.

Towards a generative AI-ready Australia: Bridging the training gap

However, there’s a noticeable disparity between employees’ enthusiasm to learn about generative AI and businesses’ investment in training and adopting these tools. 78% of companies surveyed have not offered generative AI training, or are unaware of such initiatives within their organizations. Additionally, 17% do not foresee providing training on generative AI at any point.

This gap in training exacerbates potential risks associated with generative AI, such as data breaches, inaccuracies, and copyright issues, with 53% of employees expressing concerns over privacy when using the technology in their roles.

Nevertheless, investment in AI by Australian companies is expected to surge to AU$27.5 billion by 2030, a seven-fold increase. This investment aims to maximize generative AI’s benefits by training employees on tailored models that securely and responsibly incorporate the company’s data. It also seeks to enhance workplace training and experiences through AI, thereby attracting and retaining employees adept in generative AI technologies.

Generative AI’s impact on skill demand varies across roles and industries, depending on how it’s applied. For instance, generative AI could affect 98% of sales tasks but only 3% of finance-related tasks in the retail industry. In cases where generative AI augments tasks rather than fully automating them, employees with basic technical skills, like coding and prompt design, can significantly benefit.

Five key industries—financial services, ICT and media, professional services, education, and wholesale trade—are poised for rapid and transformative changes due to generative AI, representing 26% of the Australian economy or nearly AU$600 billion in economic activity.

Although coding has been a highly sought-after skill in Australia for the past decade, the rise of no-code generative AI tools is making programming skills more accessible to the broader workforce. This shift underscores the growing importance of soft skills, such as critical thinking, problem-solving, and communication, alongside technical abilities.

Generative AI is also expected to generate new job roles, especially in managing customized AI models, necessitating specialized data skills. The demand for professionals capable of designing AI models, monitoring outputs, and ensuring training data is diverse and balanced is set to rise sharply. Projections from Deloitte and the ACS anticipate a 179% increase in demand for advanced data analytics skills and a 268% surge in high-performance computing skills by 2030.

The post Aussies don’t believe in the generative AI hype? appeared first on TechWire Asia.

When DP World Australia was hit by a cyberattack recently, it not only disrupted operations in the port but also marked the latest cyberattack on Australia’s critical infrastructure. The latest but by no means the first. In recent years, Australia has witnessed a significant increase in cyberattacks on its critical infrastructure.

In October 2022, Australia’s biggest health insurer, Medibank, suffered a ransomware attack. The cyberattack affected systems including online services and claim processing. Another major critical infrastructure cyberattack on services in Australia was the JBS meat processing company incident. Hackers were able to temporarily shut down some operations in Australia, Canada and the US, with thousands of workers affected, disrupting the supply chain.

A critical infrastructure cyberattack is a malicious act that targets vital systems such as power grids, water supply, and transportation networks, intending to disrupt essential services and cause widespread damage. These attacks can be carried out by hackers, criminals, terrorists, or nation-states, and can have severe impacts on the security, economy, and well-being of a country and its citizens.

While cyberattacks on critical infrastructure are not a new threat, they have become more frequent and sophisticated in recent years, as technology and international trends create new vulnerabilities and opportunities for attackers.

Given the increasing number and frequency of cyberattacks, experts in Australia and New Zealand predict critical infrastructure owners will enhance operational technology security as legislative changes take shape, but skills shortages and visibility over networks remain key issues. In Australia, the predictions come on the heels of the launch of the 2023-2030 Australian Cyber Security Strategy by the Federal Government, and as Security of Critical Infrastructure (SOCI) Act measures make an impact across critical infrastructure providers.

Improving critical infrastructure cybersecurity

According to Nozomi Networks, Australia and New Zealand critical infrastructure owners/operators will see a major uplift in cybersecurity, particularly in their operational technology (OT) and IoT environments next year. The company’s ANZ OT and IoT security experts called out the importance of improving visibility over networks and devices, ‘secure-by-design’ frameworks, avoiding victim blaming when organizations are attacked, and tackling the skills shortages impacting the industry.

Anthony Stitt, regional senior director for Nozomi Networks explained that as the official and unofficial grace periods come to a close on the SOCI requirements, it’s possible that regulated critical infrastructure providers continue to uplift their OT and IoT security posture. He believes that interest from non-regulated adjacent industries is high and more organizations will begin the journey.

“The inaugural Critical Infrastructure Annual Risk Review highlighted some important risks, including vulnerabilities in the connections between IT, OT and IoT environments, cyber-literacy and security practices are not keeping pace with digitalization, and next-generation technologies are needed to change the way to assess risk.

“One of the key issues to address is visibility over deep, widely connected networks with so many devices potentially talking to each other. All too often, IT and OT networks run together on the same flat network. For these organizations, many are planning segmentation projects, but they are complex and disruptive to implement, so in the meantime, organizations want to understand what’s going on in these environments,” said Stitt.

At the same time, Stitt felt it was really positive to see that organizations are more willing than ever to get their foot in the door. They understand there’s a lot of work to do, but starting with some basic tools and monitoring capabilities, can still make a huge difference, starting the process of maturation.

“In Australia, the government has performed very well by developing and executing the SOCI legislation reforms, and other regions are engaged in or considering similar initiatives. But across the region, we need a generational change to move away from victim blaming when cyber-attacks occur.

“There’s always something an attacked organization could have done to remain protected, but we can’t forget that cybercrime is a crime. Greater involvement and offensive capabilities from law enforcement will help to change that mindset, and it’s great that is a priority from government through the 2023-2030 Cyber Security Strategy,” added Stitt.

Addressing the skills shortage

Marty Rickard, director of customer success and technical support for Asia Pacific at Nozomi Networks said that the industry in Australia and New Zealand is still embattled with a major skills shortage. The limited talent is spread primarily among vendors, leaving gaps in internal OT teams and partners, which provide a broader range of security-focused services.

“People talk a lot about the skills shortage in IT, but at least there’s a fundamental understanding of the importance of security in IT. That can’t be said of OT yet, but it’s improving – we’re going through the same pain IT did a decade ago, building these skills and understanding, often from scratch, which is positive,” Rickard explained.

As it matures, Rickard mentioned the need to see OT and IoT security become ingrained into governance, risk and compliance (GRC) teams. Nozomi Networks will be working closely with a range of critical infrastructure providers to take or at least build towards that journey in the year ahead, but the inaugural Critical Infrastructure Annual Risk Review reminds the industry that these skills shortages aren’t going away.

Rickard added that in New Zealand, there is some much-needed maturity in the market which is positive and is expected to continue in 2024.

“The ‘sky is falling in’ fear-mongering is being replaced by practical engagement, technology discussions, and compensating controls to recognize and address risks for what they are,” added Rickard.

Critical infrastructure needs to be secure by design

Another way of improving cybersecurity in critical infrastructure is by ensuring networks and devices are secured by design. Dean Frye, a Nozomi Networks solutions architect for Australia and New Zealand feels that this will ramp up significantly in 2024. But he also acknowledges that that there are still too many projects taking place where secure by design isn’t considered, and isn’t known or understood as a concept.

“It comes down to fundamental controls normalizing and recording the privileges granted to each device and network, holding that in a database and reviewing it regularly, assisted with automation tools. We need a major education and upskilling journey to change this, and the advent of SOCI, greater knowledge sharing between facilities managers, OT professionals and others are making a difference,” said Frye.

There is also the challenge of legacy critical infrastructure which Frye believes will be a greater challenge as some of these environments were built before cybersecurity even existed.

“One example we encountered involved a council environment where a sewerage system network had an open line to the council chambers, the library, the dog pound, and more. This creates unnecessary risk, but segmenting and securing these networks in a legacy environment takes time. We’ll see a strong improvement in this space in 2024, but ultimately it will take a long time to fully rectify,” Frye stated.

The post Australia and New Zealand to see uplift in critical infrastructure cybersecurity appeared first on TechWire Asia.

As Australia’s newly enforced cybersecurity strategy is unveiled, there have been some mixed reactions from the industry. While the general sentiment on the strategy is positive, some tech experts feel there are still some areas that could have been better planned.

The new strategy, which hopes to make Australia a world leader in cybersecurity by 2030, focuses on protecting both Australian citizens and businesses. It also has a clear focus on helping SMBs improve their cybersecurity, with an allocation towards developing the talents needed in the field.

Are there sufficient funds?

Despite this, some tech experts feel that some areas need more details so that the strategy can be implemented better. David Fairman, the chief information and security officer for APAC at Netskope, commented that there should be a higher level of clarity and details on how the funds are going to help achieve all the initiatives outlined in the plan.

“Even though there’s AUD$600 million allocated for this strategy in addition to the AUD$2.3 billion already committed by the previous government, I think it would help everyone to understand how the funds are going to be allocated with more granularity to complement the overarching plan and answer concerns that the funding may not be high enough in some aspects.

“For example, there’s AUD$7.2 million dedicated to building a voluntary cyber-health check program for SMBs. With more than 2 million SMBs in Australia, is it really going to be enough?” questioned Fairman.

Fairman also highlighted that the strategy is light on details of how the government will track and communicate progress to the wider community. Fairman believes that strategies are only good if they’re successfully implemented, and committing to reporting deadlines or processes is a way to reassure everyone that the government will do its best to stick to its plan.

“We have to consider the financial impact of some of those measures on businesses, and the costs they will have to bear. The economy is still very much in a recovery phase, and many businesses will probably need some sort of financial support to afford cybersecurity upgrades. A cyber-health check for SMBs is great, but if most can’t afford to fill the identified cybersecurity gaps, the plan will fail,” added Fairman.

Not an easy journey for cybersecurity in Australia

For Marcus Thompson, senior advisor at Macquarie Technology Group and chair of ParaFlare, the strategy’s emphasis on resilience and urgency is welcome, and its aim to make Australia a world leader in cybersecurity is admirable – though no easy feat.

As the strategy outlined six shields for cybersecurity, Thompson felt that there could have also been one dedicated solely to citizen responsibility would have been a useful inclusion. Thomspon believes that while it is a focus area of the strategy, the role and responsibility every single citizen has to protect themselves and the community cannot be understated.

On sharing threat intelligence in the region, Thompson, who is also the former head of information warfare for the Australian Defense Forces, said that the government’s strong focus on sovereign industry is something for which he and others have long campaigned.

“The nature of cybercrime and the role played by foreign threat actors means we cannot be assured in our defenses without a strong, local, sovereign base. A greater emphasis on threat sharing is something the industry has long been calling for. Regulations such as the Security of Critical Infrastructure (SOCI) Act and the Notifiable Data Breaches scheme have put the onus on industry, but now the government is committing to increase its threat sharing with industry,” commented Thompson.

Making the right choices

While Ian Yip, CEO of Avertro was pleasantly surprised to see more attention given to the country’s ability to solve problems through innovative solutions via the newly minted Cyber Security Industry Challenge program, he also felt the only way the Australian government knows how to dish out money is via grants.

“My concern is that it devolves into a way for professional services firms to build bespoke solutions for agencies that cannot scale beyond that organization.”

Meanwhile, Jacqui Nelson, CEO of DekkoSecure, a specialist in Zero Knowledge security models used by Australian and global law enforcement and security conditions organizations, is deeply concerned about the quality of the cyber-products people are being sold without quality checks. The Australian Signal’s Directorate threat report shows that something is not adding up.

“While we commend the government’s initiative to establish a code of practice for cyber-incident response providers, this is just a stepping stone towards the comprehensive standardization we need in cybersecurity. The current plan addresses service quality and professional standards, which is positive.

“However, a significant gap remains in providing a broader, government-endorsed rating system that encompasses all cybersecurity providers. Such a system is crucial for businesses and consumers to understand and trust the security measures they rely on truly,” said Nelson.

While Nelson agrees that the strategy’s proposal to create a voluntary labeling scheme for the cybersecurity of smart devices is a forward-looking initiative and recognizes the need for standards in the increasingly digital world, it does not go far enough.

“We need to expand this vision to include a more inclusive and comprehensive rating system that covers the entire spectrum of cybersecurity solutions. Only then can we ensure that businesses and individuals are fully informed and protected in this rapidly evolving digital landscape,” explained Nelson.

The post More questions for Australia cybersecurity strategy   appeared first on TechWire Asia.

Cybersecurity in Australia is becoming a prerogative as the government works towards safeguarding citizens and businesses. One cybercrime is reported every six minutes in Australia, with ransomware alone causing up to AUD$3 billion in damages to the Australian economy annually.

In response to which, the Australian government has released its plans to improve cybersecurity. The 2023-2030 Australian Cyber Security Strategy is a roadmap that aims to strengthen cybersecurity, manage cyber-risks, and better support Australian citizens and businesses.

Aiming to be a world leader in cybersecurity by 2030, the roadmap will be implemented through six cybershields. Each shield provides an additional defense against cyberthreats, placing Australian citizens and businesses at its core.

“Cybersecurity requires government and big business to lead. From today, we are shifting more of the cyber risk to those who are most capable. We hold industry to higher standards to protect our devices, data, and critical infrastructure.

For the first time, the government will hold itself to the same standard it expects of industry. The strategy is bold and ambitious – and it has to be. Because one thing is abundantly clear from what’s happened to our cyber-environment in the last five years: we can’t continue as we are. We need to push harder to get in front of this problem. For the first time, Australia’s Cyber Security Strategy will help our country do just that,” said Clare O’Neil, Minister of Home Affairs and Cyber Security in Australia.

To achieve its 2030 vision, the strategy will be delivered in three phases:

• Horizon 1 (2023–25) – Australia will strengthen its foundations. This includes addressing critical gaps in cybershields, building better protections for the most vulnerable citizens and businesses, and supporting improved cybermaturity uplift across the region.
• Horizon 2 (2026–28) – The focus will be scaling cyber maturity across the economy. This includes investing further in the broader cyber-ecosystem, continuing to scale up the cyber-industry, and growing a diverse cyber-workforce.
• Horizon 3 (2029–30) – Australia will advance the global frontier of cybersecurity. The country will lead the development of emerging cyber-technologies capable of adapting to new risks and opportunities across the cyber-landscape.

Views on the Australian Cyber Security Strategy

Following the unveiling of the strategy, several tech companies reached out to Tech Wire Asia to share their views on the strategy.

Aidan Tudehope, co-founder of Macquarie

Most collaboration between government, industry, and intelligence currently happens within what could be deemed the regulatory compliance vertical, owing to the legal ramifications organizations can face when cyber-events happen. This strategy allows greater collaboration between intelligence operators within both government and enterprises – typically CISOs, CIOs, and CTOs – and their counterparts in the Australian Signals Directorate.

Our AUKUS allies want confidence in Australia’s industrial base to support the partnership. Given cybersecurity’s horizontal effect across all industry sectors and their supply chains, getting behind the Strategy and building more cyber-aware citizens and businesses will help create that confidence and showcase the incredible capabilities and talent we have in the local sector.”

The current cybersecurity and privacy legislation landscape has evolved considerably in recent years and, in the process, has become fragmented across the Commonwealth, states, and territories. Minister O’Neil’s Strategy establishes cybersecurity as a unifying nationwide endeavor, led by the Federal Government as the exemplar, but delivered in synchronicity with all tiers of government, the private sector, and the broader economy.

SMEs are exempt from Australian privacy laws and many data protection, deletion, and governance requirements. But they make up about 95% of all organizations in Australia, and many are part of government and critical infrastructure supply chains, sharing data and digitally interacting with entities crucial to the nation’s economy and national resilience.

Organizations with an immature understanding of cyber and privacy measures could inadvertently create risk for other, potentially more critical organizations, and we strongly welcome the government’s targeted support to help SMEs achieve new levels of cybersecurity and sophistication.

Tim Hartman, head of solution architecture, Australia & New Zealand, Infoblox:

Infoblox welcomes the government’s 2023-2030 Cyber Security Strategy and mainly its focus on real-time threat intelligence sharing, working in partnership with our neighbors, and raising all organizations and people’s cybersecurity posture to make the whole stronger than the sum of its parts. Organizations face new threats every day but too often don’t speak up to partners, customers, like-minded businesses, or government intelligence, which leaves others to fend for themselves. The Strategy focuses on cyberprotection as a collective effort, and greater intelligence sharing will help us subvert cybercriminals.

While there’s a journey to become the most secure nation in the world in seven years, there are some essential quick wins organizations ranging from SMEs – which will have the benefit of the new cyber-‘health checks’ the government has announced – to significant enterprises and government agencies, can achieve now.

For example, when last reported by the Australian Signals Directorate (ASD), only 11% of organizations mandated to meet the Essential Eight maturity model had completed Maturity Level 2, a level experienced cybercriminals willing to invest in their time and tools can still break through. Further, just 26% of eligible or mandated organizations leveraged AUPDNS as of December 2022. This free protective domain name system (DNS) can employ response policy zones to dynamically filter out malicious and suspicious domains, which can foil over 90% of malware attacks.

A recent report showed that Australian organizations detected more issues from email/phishing attacks than any other type, including network, application, device/endpoint, cloud, third-party/supply chain, and ransomware attacks. The greater awareness, education, collaboration, and investment in our cybersecurity and defense capabilities will help the country zero in on where the issues and vulnerabilities lie, see the adoption of readily available frameworks and services rise considerably, and help Australia towards its ambitious goal to lead the world in this area.

Anthony Stitt, regional senior director, Nozomi Networks

One of the critical issues to address is visibility over deep, widely connected networks with so many devices potentially talking to each other. All too often, IT and operational technology (OT) networks run together on the same flat network. For these organizations, many are planning segmentation projects, but they are complex and disruptive to implement, so in the meantime, organizations want to understand what’s going on in these environments.

What’s positive is that organizations are more willing than ever to get their foot in the door. They understand there’s a lot of work to do, but starting with some essential tools and monitoring capabilities can still make a huge difference, and it starts the maturation process.

There’s always something an attacked organization could have done to remain protected, but we can’t forget that cybercrime is a crime. Greater involvement and offensive capabilities from law enforcement will help to change that mindset, and it’s great that is a priority from the government through the 2023-2030 Cyber Security Strategy.

Jacqueline Jayne, security awareness advocate, KnowBe4 APAC

While the rhetoric from previous ‘strategies’ is evident, there are some standouts regarding the ultimate goal of creating a ‘slip-slop-slap’ for cybersecurity.

This goal would mean that every Australian:

1. Understands and accepts that cybersecurity is everyone’s responsibility.
2. Is aware of the cyberthreat landscape.
3. Has all the essential cyber-hygiene elements in play.
4. Knows the red flags to be on the lookout for to avoid scams and cyberattacks.
5. Is comforted by the knowledge that their kids are safe online.
6. Knows what resources and support are available should they become victims of a scam or cyberattack.
7. Organization has an ongoing, relevant, and engaging security awareness program for all their employees and volunteers.

Chris Sharp, CEO at Pax8 APAC

There’s a path in Australia’s cybersecurity opportunity where the little guys aren’t left out, but the advice to market – particularly to SMBs – needs to be polished. The government’s “health check” program announcement is a valiant effort – the actual test will be how it educates the right people across a highly diverse SMB landscape. ‘Concierge-style’ support only goes so far, particularly if it doesn’t know where to go and businesses don’t understand why to seek it out.

Despite the flurry of media headlines, many SMBs remain blissfully unaware of how or why they can and should be involved in collectively raising the nation’s cyberdefenses. But it’s not their fault. Rhetoric typically focuses on ‘big business’ attacks, leaving SMBs thinking, “We’re too small; our data doesn’t matter.”

The latest ASD report on the 2022-23 financial year, citing 94,000 registered cybercrime incidents with average financial losses of AUD$46,000 to small businesses and AUD$97,200 to medium companies, busts this myth.

The problem is that SMBs don’t know who to start conversations with, or turn to. Working alone makes the cost of cybersecurity defenses untenable, but it doesn’t have to be this way. Your local florist, corner store, or even the grassroots neighborhood start-up can contribute to building Australia’s resilience; they need the education to know why and how to be government-compliant, fight increasing cyber-insurance premium costs, and protect their customers’ PII data.

Recent events have seen an escalation in Australian cyberattack threat.

The post Making sense of the Australian Cyber Security Strategy appeared first on TechWire Asia.

It’s been an eventful time for Australia recently. While winning the Cricket World Cup may have sparked some joy, the reality is that businesses in Australia are increasingly concerned about the number of cybersecurity incidents happening in the country.

Despite the government making changes to cybersecurity laws and businesses investing heavily in their cyber defenses, cybercriminals are still finding ways to infiltrate systems and wreak havoc on Australian businesses.

The recent DP World cyberattack, affecting several ports in Australia, highlights how vulnerable systems can be. The cyberattack forced the company to stop operations for a few days. Although the port has now resumed operations, the incident raised several questions.

One particular question arises about the importance of strong backup and recovery plans. Could the downtime have been reduced if the company had had a well-planned backup and recovery option?

To understand more about this, we caught up Michael Alp, managing director for Australia and New Zealand at Cohesity.

TWA: Could an efficient data management system have reduced the damage these companies faced and are organizations paying the ransom because they don’t have sufficient backup?  

Firstly, it’s important to note that the complete details of the DP World cyberattack have not yet been fully disclosed. However, the occurrence of the attack is not surprising, given that businesses now operate in a world where cyberattacks are a matter of when, not if.

In fact, when we polled 509 Australian & New Zealand IT and security decision-makers (split 50:50) in our 2023 State of Data Security & Management survey, 56% said their organization had been a victim of ransomware in the six months prior to being surveyed, and 95% felt the threat of ransomware to their industry had increased in 2023 compared to 2022.

That means it’s also unsurprising that 71% of respondents lack full confidence in their company’s ability to recover data and critical business processes after a system-wide cyberattack. This finding underscores both the necessity of cyber-resilience and the challenges in establishing or maintaining it.

Cyber-resilience is the ability to continue delivering business outcomes and generating revenue, even in the face of an adverse cyber-event. When a malicious attack occurs, it’s not just a business’s technology, people, or processes that are tested, but their cyber-resilience, due to its crucial role in ensuring business continuity in the digital world.

While efficient backup alone wouldn’t have prevented DP World’s cyberattack, modern data security and management capabilities might have helped either prevent the attack or limit its impact. These capabilities could have enabled quicker recovery, contributing to cyber-resilience. Notably, the reported cause of the attack was a failure to patch a vulnerability, a fundamental cybersecurity measure.

Modern data security and recovery technology provides organizations with critical capabilities like encryption and immutability, ensuring data integrity. It also enables the detection of attacks and compromises in real-time through AI and ML anomaly detection, and integrations with third-party security solutions, as well as facilitating automated rapid recovery and instant mass restore at scale.

However, if our survey data is anything to go by, there is still a significant journey that organizations must undertake to establish cyber-resilience and adopt the modern data security and recovery technology that today’s threat landscape demands.

95% of ANZ respondents to our survey revealing their organization would consider paying a ransom if it meant being able to recover data and restore business processes. This, coupled with more than 4 in 5 saying their organization would need four or more days to recover data and restore business processes if a cyberattack occurred, certainly suggests that cyber-resilience and data recovery gaps are leading to organizations paying, or at least considering paying, ransoms.

TWA: Is paying the ransom cheaper than going through backup and recovery?  

According to Gartner, the average cost of a ransomware attack is 10 to 15 times the ransom demand, a concerning statistic for companies considering ransom payment as a fallback option in the event of a cyberattack.

Given that the average ransom demanded globally has risen from US$812,380 in 2022, to US$1,542,333 in 2023, according to the Sophos State of Ransomware 2023 report, this means that simply paying a ransom as a reactive countermeasure is likely to not be nearly as cost-effective as proactively procuring the right cybersecurity, data security, and data recovery capabilities that allow you to recover without paying the ransom.

It is up to each business to determine if paying a ransom is an acceptable option. However, there will be some companies that are forced to make this decision in response to an adverse cyber-event because they do not have the right cyber-resilience capabilities in place to refuse the ransom, or because there is a gap in their cyber-resilience strategy.

There are multiple reasons why paying a ransom is a bad and ineffective response, including:

• It does not guarantee that you will recover all your data and restore your business processes to their prior state.
• Often, the data when returned is either so corrupted, encrypted irrevocably, or misaligned, that it requires a ‘professional services’ fee to be paid to malicious actors to help you reinstall it.
• Malicious actors may return only parts of your business-critical data and demand a second or even third ransom payment; some malicious actors leave backdoors or malware to make a secondary compromise easier.
• Ultimately, some of the ransom payment will be used to fund a strike on another business.

As many countries consider banning ransom payments, relying on them instead of cyber-resilience is not a sustainable long-term strategy for recovery from cyberattacks.

TWA: What are reasonable recovery times for any business experiencing a cybersecurity incident?  

It’s vital for businesses to understand that recovering from a cyberattack isn’t just about retrieving data; it’s about restoring business processes. This is crucial because a cyberattack compromises not only data but also a business’s operational ability, making attacks like ransomware particularly destructive.

Before determining an acceptable recovery timeframe—a period during which downtime can significantly impact revenue, brand reputation, and customer trust—it’s crucial for businesses to identify the data critical to their operations and assess its sensitivity, considering whether its compromise or theft would halt their business.

By pre-emptively assessing these data risks, a business ensures two things:

• Firstly, that this data can be backed up and made recoverable, and that it can test its data recovery and business processes restoration plan.
• Secondly, that it can determine what additional capabilities it may require or where the gaps exist in its data recovery strategy.

However, while a business should aim to be back up and running as soon as possible after a cyberattack, IT outage, or other disaster event, this is not nearly as simple as it sounds. When asked ‘How long would your organization take to recover data and business processes if a cyberattack occurred’ – in our 2023 Data Security and Management survey – over 99% of ANZ respondents revealed they would need over 24 hours, 80% said they would need more than four days, and almost half (47%) of respondents said over a week would be required.

This not only demonstrates the cyber-resilience and data recovery challenges that many organizations are facing, but also raises the question for businesses: how long can I afford to be offline? And for their customers: how long could I accept for a company to be offline before it affected my willingness to become or remain a customer?

These questions should guide businesses in defining a reasonable recovery timeframe and serve as criteria to measure the effectiveness of their cyber-resilience strategies and data security and management capabilities.

TWA: Can AI play an important role in data management, especially for backup and recovery for cybersecurity incidents? 

Death and taxes used to be the only two certainties in life. With the current business and cyberthreat landscape, cyberattacks are now very much a third.

In fact, in our 2023 State of Data Security & Management Report, 79% of Australian respondents (402) revealed they were concerned about their organization’s cyber-resilience strategy being able to ‘address today’s cyber-challenges and threats.’ Given this sentiment, for many organizations, there are clearly improvements that can be made to their cyber-resilience strategies, and data security, management, and recovery capability gaps to address.

It is vital that organizations can protect and secure their data, detect cyberthreats such as ransomware, and respond or recover rapidly when the worst occurs. The good news is that not only are these capabilities provided by modern data security and management platforms, but many of these capabilities are also now being enhanced by AI or made possible by AI. These include:

• AI & ML powered anomaly detection: to help monitor data and detect when anomalous changes are made to data, such as size or format, which typically indicate malicious activity is taking place or has taken place. This technology can recognize these patterns, triggering an alert that allows IT and security teams to act fast and respond to a compromise before it becomes a widespread attack, or limit its blast radius.
• AI-enabled multifactor authentication (MFA): the strong importance of MFA is well-documented because of its ability to defend against password cracking and brute-force methods. With AI, MFA can be enhanced to account for behavior (such as typing speed), become adaptive (requiring multiple authentications based on data risk), or detect fraud (automatically blocking a user if their access strays beyond normal boundaries).
• AI system behavior tracking: near real-time monitoring of privileged and administrative users to indicators of anomalous activity.
• AI-enabled ransomware detection: AI can analyze network traffic or file access to identify activity that could indicate a ransomware attack is imminent or in progress, including by ingesting threat intelligence from external threat feeds that help pre-identify IOC indicators.
• AI-enabled activity and behavior monitoring: AI can look at access and user behavior and determine if the activity is suspicious and could signal a ransomware attack: failed login attempts, excessive file access, or other activity that is out-of-band of established norms could be indications of ransomware activity. Activity monitoring can establish norms for both user and application behavior based on continuously analyzing activity logs with AI.
• AI-enabled optimized scheduling: based on the critical need and usage of data, seasonality, and other variables, AI can adjust and optimize backup schedules to ensure recovery point objectives (RPOs) are always met.
• AI retirement of inactive data: as part of the backup process, AI can help organizations determine what data has become dormant for archive. This helps reduce recovery time by eliminating the unnecessary recovery of unused data as well as creating efficiency and cost reduction in storage.

The post Data management: backup and recovery can make a difference in cyberattacks appeared first on TechWire Asia.

Australia is witnessing more and more cyberattacks as the government looks to improve the nation’s cybersecurity. The attacks have involved organizations from various industries, with some resulting in heavy financial losses.

In 2022, major cybersecurity incidents involved telcos, healthcare providers, and financial service providers. As a result, the government set up an agency to help coordinate responses to cybersecurity incidents. This also included raising the penalties for companies that did not take cybersecurity seriously, leading to breaches.

According to the Australian Cyber Security Center’s (ACSC) Cyber Threat report developed by the Australian Signals Directorate (ASD), a range of malicious cyber-actors showed the intent and capability needed to compromise vital systems and Australian networks were regularly targeted by both opportunistic and more deliberate malicious cyber-activity.

The report also stated that ASD responded to 1,100 cybersecurity incidents from Australian entities, with nearly 94,000 reports from 2022 to 2023, a 23% increase from the previous year. The average cost of cybercrime also increased by 14%.

“Australia’s region, the Indo-Pacific, is now seeing growing competition on multiple economic, military, strategic, and diplomatic levels, framed by competing values and narratives.

In this context, Australian governments, critical infrastructure, businesses, and households continue to be the target of malicious cyber-actors. This report illustrates that state and non-state actors continue to show the intent and capability to compromise Australia’s networks. It also highlights the added complexity posed by emerging technologies such as AI.

“The report demonstrates the persistent threat that state cyber-capabilities pose to Australia. This threat extends beyond cyber-espionage campaigns to disruptive activities against Australia’s essential services. The report also confirms that the borderless and multi-billion dollar cybercrime industry continues to cause significant harm to Australia, with Australians remaining an attractive target for cybercriminal syndicates worldwide,” said Richard Marles, Australia’s Deputy Prime Minister and Minister of Defense.

What are state-sponsored hackers?

State-sponsored hackers are cyberattackers who are supported or directed by a government. They may target other countries, organizations, or individuals for various reasons, such as espionage, sabotage, or influence operations.

Some examples of state-sponsored hackers are the APT groups (Advanced Persistent Threats), named by security researchers based on their tactics, techniques, and procedures. Some of the most notorious APT groups are APT28 (also known as Fancy Bear or Sofacy), which is linked to Russia; APT1 (also known as Comment Crew or Unit 61398), which is linked to China; and APT33 (also known as Elfin or Refined Kitten), which is linked to Iran.

State-sponsored hackers pose a serious threat to global cybersecurity and stability, as they can launch sophisticated and stealthy attacks that can cause significant damage or disruption. They can also exploit vulnerabilities in critical infrastructure, such as power grids, water systems, or healthcare facilities. Therefore, it is essential to have effective defenses and countermeasures against state-sponsored hackers.

The rise of state-sponsored hackers

The report showed that Australia has witnessed an increase in state-sponsored hackers recently. Earlier this year, another cybersecurity report by Microsoft also found that Chinese-state-sponsored hackers have been targeting Australia.

Specifically, the state-sponsored hackers are focused on critical infrastructure, data theft, and the disruption of businesses. The report stated that the AUKUS partnership (a partnership between the US, UK, and Australia) is a likely target for these hackers, especially since it focuses on advanced military development and nuclear submarines.

In 2023, ASD joined international partners to call out Russia’s Federal Security Service’s use of ‘Snake’ malware for cyber-espionage and also highlighted activity associated with a China state-sponsored cyber-actor that used ‘living-off-the-land’ techniques to compromise critical infrastructure organizations.

The rise of state-sponsored hackers has also meant that Australia’s critical infrastructure was targeted via increasingly interconnected systems. Given the increasing use of operational technology, cybercriminals are unleashing malicious cyber-actors to attack these systems. In the past year, the ASD has responded to 143 cybersecurity incidents related to critical infrastructure. The vast majority of these incidents were low-level malicious attacks or isolated compromises.

The leading cybersecurity incident types affecting Australian critical infrastructure were:

• compromised account or credentials
• compromised asset, network, or infrastructure
• DOS

The report also highlighted that these incident types accounted for approximately 57% of the critical infrastructure incidents for 2022–23. Other more prominent incident types were data breaches followed by malware infection.

Head of ASD’s ACSC, Abi Bradshaw CSC, shares the release of our 2022-23 #ASDCyberThreatReport. By working together we can stay ahead of cyber threats & make Australia a harder target for malicious cyber actors. Download the report ????https://t.co/11CRLzyuPf pic.twitter.com/uY8WllvwUW

— Australian Cyber Security Centre (@CyberGovAU) November 15, 2023

Was Australia’s major port operators hack a state-sponsored attack?

Given the details in the report, could the recent cyberattack on operations at DP World Australia be a state-sponsored attack? While reports show that the port is back online after being crippled by cybercriminals, investigations have yet to confirm who exactly perpetrated the cyberattack.

The incident disrupted operations in port terminals in Melbourne, Sydney, Brisbane, and Perth from the 10th-13th of November. The firm manages around 40% of the goods entering and leaving the country.

According to a report by the BBC, Darren Goldie, the Government’s cybersecurity coordinator, said the operator was making “good progress” at bringing its sites back online. DP World Australia, a unit of the Dubai state-owned DP World, said its ports resumed operations at 09:00 local time “following successful tests of key systems overnight.”

The company also explained that it halted internet connectivity at its ports to prevent any ongoing unauthorized access to its network. The Australian government continues to work with DP World Australia to support the management of any further consequences, including any significant disruption to Australia’s supply chains. Investigations into the incident are ongoing, and remediation work will likely continue for some time.

However, that was not the only thing causing problems at the ports of Australia.

Over the weekend, there had been increased Pro-Palestinian protests in the country, with reports claiming that some protestors had intended to block shipments from leaving Australia.

A report by Al-Jazeera stated that the protests at Sydney’s Port Botany, followed by similar protests at the Port of Melbourne, saw activists lie down in front of trucks carrying cargo for the Israeli shipping company Zim. Some activists allegedly even resorted to riding jet skis to stop the ship from leaving the port.

It remains to be seen if the protests are linked to the ports being targeted by cybercriminals. However, there have been increasing numbers of cyberattacks on countries that have been supporting either Israel or Palestine since the conflict began a month ago.

The post Why are state-sponsored hackers targeting Australia? appeared first on TechWire Asia.

Australia has descended into technological chaos as phone and internet services has gone offline. Millions were affected as services from Optus experienced an unexplained nationwide outage. This is the second major incident involving Optus after a major data breach during the same period last year.

This time, the impact was much more severe as the outage not only crippled communication services and the internet but also led to morning peak-hour chaos in the country as train networks and other digital services were down.

Payment systems were also affected, with the Commonwealth Bank warning that some customers might encounter difficulties with some services. According to a report by Reuters, hospitals and emergency services across the country were also hit by the outage. Ramsay Health Care, which owns 70 hospitals and clinics in Australia, said its phone services were impacted.

“At this time, we are unaware how long this outage will continue. If you need to contact your local Ramsay hospital, please direct inquiries via the contact form on the local hospital’s website,” it said on its Facebook page.

Australia’s Federal Communications Minister Michelle Rowland said she had “limited” information about the outage. Reuters also reported that Optus CEO Kelly Bayer Rosmarin ruled out a cyberattack. However, in an interview on ABC Radio, Rosmarin did not give a reason for the outage or say how long it would take for services to be restored.

Not the first major incident in Australia

The timing of the outage could not be any worse for Optus. The telco company is still recovering from a significant data breach last year. In the largest data breach in the history of the country, the personal data of around 10 million customers was stolen in a cyberattack.

The ransomware attack began a series of cyberattacks targeting the nation. Since then, the Australian government has imposed stricter data privacy laws, with businesses also investing more in their cybersecurity.

The financial impact of the outage remains to be calculated, but it is estimated that the losses will be heavy, especially for businesses that rely on the Optus network. Before the Optus data breach last year, data breach fines were not more than AUD$2 million. Now, the penalties could go up to AU$50 million for an organization.

Singapore’s Singtel owns Optus and has over 10 million customers – around 40% of Australia’s population. Australian Senator Gerrard Rennick tweeted that the outage by Optus “just goes to show why banks need to keep branches open so that people can access cash to buy essential goods and services.”

The tweet was in reference to the fact that customers were unable to make payments on the network, often touted as reliable enough to allow for a cashless society and branch closures. Social media was filled with frustrated Australians not being able to get to work, book a ride, or even make payments for meals at cafes and such.

Possible causes of Optus outage

While investigations and recovery are ongoing, there could be several reasons why the blackout occurred. The Sydney Morning Herald reported that because the outage started at around 4 in the morning, it could have been caused by a software or firmware update.

There is also the possibility that an incorrect message sent from either inside or outside the Optus network provided inaccurate traffic routing instructions, according to network engineers. Most organizations conduct network updates overnight, between 2 am and 4 am, as most users would are not active at these times.

An Optus source, who did not wish to be named because they were not authorized to speak publicly, also told the Sydney Morning Herald that a Border Gateway Protocol (BGP) prefix flood from a peer was likely causing the issues on the telco’s core network. Network owners and operators’ routers share routing information using BGP.

The wrong instruction could have been sent from an internet exchange (a physical location similar to a data center, where multiple internet providers and network operators interconnect their networks), directly from an internet provider, or from a content provider.

Australia’s Communication Workers Union said the outage was an “absolute disgrace,” suggesting it was linked to recent job cuts at the company.

Royal Melbourne Institute of Technology researcher Mark Gregory told AFP the disruptions showed fundamental problems in Australia’s communications networks.

“Single point of failure-related outages have occurred too often over the past decades, and it is time that the government forces the telecommunications industry to build redundancy into the networks and systems.”

Meanwhile, Monash University senior lecturer Dr Bill Corcoran told The Guardian Australia that the outage will “cause us to have a closer look at how we want to run this critical national infrastructure across multiple private companies.”

The post Chaos as communications and the internet go offline in Australia  appeared first on TechWire Asia.