Cyberattacks on the rise
Mass blackouts, widespread healthcare fraud and prolonged outages of online services: that could be Australia’s future if cyber defences fail to keep pace with rapid digitisation over the next decade, the CSIRO warns in a new report.
The number, severity and speed of breaches will grow exponentially as more services and utilities move online, it warns.
There will be more pathways for a wider range of attacks – from low-level pranksters to organised criminal networks – to launch increasingly sophisticated attacks.
“Our increasing reliance on digital services leaves us potentially vulnerable at unprecedented scales,” says James Deverell, director of CSIRO Futures.
“The more we rely on digital services for our basic needs like healthcare and energy, the more drastic the consequences of any breach may be.”
He says future attacks could dwarf the recent “heartbleed” scare, in which a flaw in internet encryption codes went undiscovered for two years and potentially allowed attackers to siphon data from supposedly secure websites.
The more we rely on digital services for our basic needs like healthcare and energy, the more drastic the consequences of any breach may be.
The report presents a number of scenarios which, based on trends, could take place in the next 10 years.
In one, Australia’s highly automated electricity grid is brought down during a heatwave by a disgruntled contractor using a hacking kit.
In another, criminal syndicates exploit poor password security to access healthcare databases and make billions of dollars’ worth of falsified claims.
To combat the heightened risk, the report calls for stronger cybersecurity education.
“We can’t think of cybersecurity as just a technology problem that the IT guys worry about,” Deverell says.
“It’s really something we need to look at as a shared responsibility. We need everybody to have some understanding of the risks and the threats, and about how to respond.”
The report also calls for businesses and government to publicise data breaches and to invest in more secure identity protection systems.