Cyber attacks that occurred this year and how you can protect your data

By /

Cyber Security Briefing

Summary

2023 has seen a severe wave of cyber attacks across Australia, affecting millions and impacting sectors like finance, health, and government. Over 500 breaches were reported in the first half of the year, with trends worsening. Experts advise against paying ransoms, call for stronger corporate and governmental security measures like data encryption, and recommend practical steps individuals can take to protect their personal information.

Key Points

  • Widespread Impact: Millions of Australians had personal data stolen. The finance, health, and government sectors were most targeted in H1 2023.
  • Breach Statistics: 532 data breaches were recorded from January to June, with over 50% caused by malicious attacks. Notifications increased in the second half of the year.
  • The “Unknown” Threat: Experts warn the most effective attacks may go completely unnoticed and unreported.
  • No Ransom Payments: Paying ransoms, as seen in threats during the Qantas breach, funds and incentivizes further criminal activity without guaranteeing data protection.
  • Corporate & Government Responsibility: Defenses are not keeping pace with attacks. Experts urge adding encryption to national security frameworks and updating the Privacy Act to hold organizations accountable.
  • Data Minimization: Organizations are advised to review data collection and avoid unnecessary data retention, a key aggravating factor in breaches.
  • Individual Protection Steps:
    • Use end-to-end encrypted messaging/calling apps (e.g., Signal, WhatsApp).
    • Avoid plain SMS, standard phone calls, and non-E2E email for sensitive info.
    • Use privacy-focused browsers (Firefox, Safari) with ad blockers.
    • Refrain from uploading unnecessary personal data (e.g., license copies) and avoid providing real details like birth dates when not required.

网络安全简报

摘要

2023年,澳大利亚遭遇了严重的网络攻击浪潮,影响数百万人,波及金融、医疗和政府等多个部门。上半年报告了532起数据泄露事件,且下半年情况加剧。专家建议不要支付赎金,呼吁企业和政府采取更强有力的安全措施(如数据加密),并推荐个人可采取实用步骤来保护个人信息。

关键要点

  • 影响广泛:数百万澳大利亚人的个人数据被盗。2023年上半年,金融、医疗和政府部门是主要攻击目标。
  • 泄露数据:1月至6月记录了532起数据泄露事件,其中超过50%由恶意攻击造成。下半年相关通知数量有所增加。
  • “未知”威胁:专家警告,最有效的攻击可能完全不被察觉和报告。
  • 拒绝支付赎金:正如澳航数据泄露事件中的威胁所示,支付赎金会资助并鼓励进一步的犯罪活动,且不能保证数据受到保护。
  • 企业与政府责任:防御措施未能跟上攻击步伐。专家敦促在国家安全框架中加入加密措施,并更新《隐私法》以追究组织责任。
  • 数据最小化:建议组织审查数据收集行为,避免不必要的数据留存,这是加剧数据泄露的关键因素。
  • 个人防护措施:
    • 使用端到端加密的通讯/通话应用(如Signal、WhatsApp)。
    • 避免使用普通短信、标准电话和非端到端加密的电子邮件传递敏感信息。
    • 使用注重隐私的浏览器(如Firefox、Safari)并配合广告拦截器。
    • 避免上传不必要的个人数据(如驾照复印件),在非必需情况下不提供真实出生日期等详细信息。

Original Article Link: https://www.abc.net.au/news/2025-12-28/cyber-attacks-2025-and-ways-to-protect-your-data/106113950

Scroll to Top