A Cyber Security Review of 2024

The start of 2024 saw a sharp rise in cybercrime, with data breaches in Australia increasing by an alarming 388% in Q1 compared to Q4 of 2023. No industry is immune, as cyber threats continue to target organisations across all sectors. Phishing, compromised credentials, and ransomware are all common incidents, underscoring the critical need for enhanced cyber security protocols at both the national and organisational levels.

This blog will delve into some of the most significant security breaches of 2024 and examine the steps the Federal Government is taking to bolster Australia's cyber security strategy, manage emerging risks, and provide better support for businesses and individuals alike.

Key Cyber Breaches of 2024

2024 witnessed several major cyber incidents, underscoring the diverse tactics and far-reaching impact of modern cyber threats. The breaches showcase the challenges organisations are facing and the critical areas where cyber security defences can fall short. Some of the most notable breaches include:

• Ticketek - Australia's largest ticket sales company suffered a significant breach in May 2024, exposing the personal information of over 17 million customers. Fortunately, information was restricted to names, dates of birth and email addresses and no customer accounts, passwords or credit card details were compromised thanks to secure encryption. The company worked closely with government agencies to seek an injunction to prevent further data from being distributed further. Importantly, Tiketek advised customers to be especially vigilant for scams following the breach. ‍
• Nissan Motor and Nissan Financial Services - In December 2023, Nissan Australia experienced a significant data breach when a ransomware attack targeted its local IT servers. This breach impacted approximately 100,000 individuals, 10% of whom had government identification documents compromised, including Medicare cards, driver's licenses, and passports. Nissan assured customers that their financial information remained secure, offered free identity theft and credit monitoring services as a precaution and collaborated with cyber security experts and government agencies to strengthen its defences and mitigate risks.‍
• MediSecure – In early 2024, the prescription exchange service MediSecure experienced a ransomware attack that compromised one of its databases. This breach exposed the personal information of approximately 12.9 million individuals, including names, addresses, and health data related to prescription records, although MediSecure confirmed that financial details, such as credit card information, were not impacted. The company worked closely with cyber security experts and government authorities to contain the incident, assess the scope, and enhance its security measures. While the prescription delivery service was subsequently moved to a different company, and consumers could still access their medications despite the incident, it's yet another example of the growing risks organisations face handling sensitive personal and health data.

ASD's Annual Cyber Threat Report 2023-2024

The Australian Signals Directorate's (ASD) Annual Cyber Threat Report for 2023-2024 highlights the range and severity of cyber threats the country is facing, from attacks by foreign state actors and cybercriminals to risks targeting critical infrastructure. The report outlines the methods behind these attacks, current defence strategies, and practical steps for individuals and organisations to protect themselves.

Key Data & Insights in FY 2023-2024:

The Australian Cyber Security Hotline received 26,700 calls, reflecting a 12% increase compared to the previous year.

• Critical infrastructure remains a primary target, with over 11% of cyber incidents involving these vital systems posing severe disruption risks.
• Business email compromise (BEC) and fraud were among the most reported cybercrimes, followed closely by ransomware and data theft extortion, which continue to be significant and costly threats.
• Over 930 notifications were sent to organisations, alerting them to potential malicious activity on their networks.
• The Australian Protective Domain Name System (APDNS) blocked access to 82 million malicious domains, a 21% increase from the previous year.
• The Domain Takedown Service requested the removal of more than 189,000 malicious domains, marking a 49% rise.
• Compromised credentials were key in 32% of critical infrastructure incidents, with 30% of government sector breaches linked to compromised accounts.
• Malware infections were responsible for 17% of critical infrastructure incidents.

These statistics are yet another stark reminder of the evolving nature of cyber threats, demonstrating the need for robust cyber security measures across all sectors.

The Australian Government's Response to Cyber Security Challenges

The rapid increase in cyber threats in Australia, both in volume and severity, highlights the urgent need for action. In response, the Australian Government has implemented several strategic measures, including new legislation and security frameworks. These efforts are pivotal in addressing vulnerabilities and fostering a more secure digital environment for Australian businesses.

1. Cyber Security Legislative Package 2024
In October 2024, the Australian Government introduced the Cyber Security Legislative Package 2024, which includes significant updates to existing laws to address escalating cyber threats and strengthen national resilience. A key component of this package is the reform of the Security of Critical Infrastructure Act 2018 (SOCI Act), strengthening protections for critical infrastructure by clarifying obligations for data security, enhancing government support during incidents, improving information sharing, and enabling increased government intervention.
‍

2. Protective Security Framework
The Protective Security Policy Framework (PSPF) is a set of policies designed to help Australian government entities safeguard people, information, and assets, both nationally and internationally, across the following six key domains:

• Governance – security planning, roles, training, and reporting.
• Risk – enterprise risk management and third-party risk management.‍
• Information – classification systems, information handling, and data security.‍
• Technology – cyber security and ICT protection measures.‍
• Personnel – security vetting, suitability assessments, access control, and separation processes.‍
• Physical – security zoning requirements and site selection.
  

The PSPF policies guide government entities in implementing sound and responsible protective security practices while identifying and mitigating security risks and vulnerabilities. The framework is constantly updated to address emerging risks, technological advancements, and evolving security challenges, with recent updates including stock-taking of vulnerable internet-facing systems and enhancing cyber threat intelligence sharing.
‍

3. Digital and Cyber Security Strategy 2024–2026 (DCSS)
The Digital and Cyber Security Strategy 2024–2026 (DCSS) outlines how the Australian Government uses rigorous analysis and data to provide timely advice to stakeholders and partners. It leverages digital technology to ensure information and systems are secure, resilient, responsive, and fit for purpose and establishes strategic priorities and actions to ensure the Government remains agile and responsive to digital challenges and opportunities. The focus of the latest strategy is optimising technology investments by enhancing and embedding existing systems and capabilities across four key areas:

• ‍‍‍The Digital Workplace - providing employees with a streamlined set of digital tools and platforms that drive productivity, improve user experience, and support safe and secure work practices.‍
• Core Business Functions - optimising key activities and data systems to enhance efficiency and effectiveness in fulfilling the Government's strategic economic objectives.‍
• Information Integrity - implementing robust information management and record-keeping practices to foster a culture of integrity and capability while ensuring information assets remain accessible and usable.‍
• ICT Infrastructure - empowering the ICT workforce to deliver high-quality services by sustaining a modern, secure, and responsive technology estate.

The strategy emphasises a structured approach to implementation and monitoring. Key actions include setting clear milestones, fostering collaboration across teams, regularly assessing progress, and leveraging insights from digital performance metrics. Meanwhile, continuous feedback loops are integrated to ensure the strategy evolves in response to emerging needs and challenges.

The Australian Government is implementing a comprehensive approach to strengthen its digital, cyber, and protective security frameworks through a combination of legislative reform, strategic planning, and rigorous risk management. These coordinated efforts underscore Australia's commitment to safeguarding its critical infrastructure, economy, and citizens from evolving security threats while fostering innovation and efficiency in its digital operations.

Australia's New Cyber Security Bill

Australia has officially taken a significant step in fortifying its digital infrastructure with its Cyber Security Bill 2024. The long-awaited bill, which Parliament passed in November 2024, is set to become law following approval by the Senate. This landmark legislation introduces mandatory ransomware payment reporting, establishes minimum cyber security standards for smart devices, and enhances the protection of critical infrastructure. It also provides the foundation for a more proactive approach to cyber security governance, focusing on risk assessment and governance frameworks that ensure compliance. The legislation marks a pivotal moment for Australia's cyber security landscape, creating clear accountability standards for organisations and fostering a collaborative effort to safeguard sensitive data and infrastructure.

How to Protect Your Organisation

The surge in cyber incidents throughout 2024 highlights the importance of proactive measures, with both government-led initiatives and private-sector collaboration playing key roles in securing Australia's digital future. By leveraging insights from the ASD Cyber Threat Report, organisations can better understand current threats and implement strategies to safeguard their assets. Mitigating cyber risks begins with adopting smarter, proactive security approaches, such as:

• Aligning with regulatory and compliance standards
• Fostering a security-first culture across the organisation
• Conducting regular vulnerability assessments and penetration testing
• Implementing continuous security monitoring, incident detection, and having a well-defined response plan
• Developing a strategic security roadmap to guide long-term resilience

Infotrust is committed to helping your organisation build a resilient security posture, proactively mitigate risks, and stay ahead of emerging cyber threats. If you would like to improve your cyber resilience, contact the experts at Infotrust today for a security planning session.