Warning from cyber security expert amid Medibank hack

The cyber attack on Medibank is worse than first thought, with health records and potential credit card details exposed just a month after the Optus data breach.

Although nearly four million Medibank customers could be affected if the hackers’ threat to sell the stolen data is carried out, a cyber security researcher said he was not surprised by the targeted cyber attack.

“Cyber ​​attacks are becoming the new normal,” Australian cyber security firm Gridware CEO Ahmed Khanji told A Current Affair.

Medibank. (A Current Affairs)

Related Clips

READ MORE: John Farnham’s sons Robert and James reveal dad’s road to recovery after cancer surgery

Khanji has been investigating and tracking cyber attacks around the world.

He said the world of crime has changed and digital crime is on the rise.

Healthcare giant Medibank is the latest company to be targeted, with cybercriminals claiming to have stolen 200GB of customer data.

Ahmed Khanji. (A Current Affairs)

READ MORE: ‘The missing boy has been found’: Baby Vinh and his grandmother are reunited

“A threat actor has gone out and contacted them … almost anyone can send a note to Medibank with any information,” Khanji said.

“You just don’t know if something is fake or legit.”

The hackers claim their proof they’re legit is a sample of 100 customer policies they sent with a ransom note.

A cyber security researcher said he was not surprised by the targeted cyber attack. (A Current Affairs)

READ MORE: Aussie couple say super commissions robbed them of comfortable retirement

The criminals are threatening to sell confidential information, including sensitive health records and possibly credit card details, but these details do not appear to have been published anywhere publicly yet.

Khanji said what makes this attack different from the Optus data breach is the type of information being stolen.

“Healthcare is one of the industries most targeted by cybercriminals,” he said

CEO of Australian cybersecurity firm Gridware Ahmed Khanji. (A Current Affairs)

“Patient information is some of the most sensitive and private data available.

“They want to sell data that is valuable.”

Cybercriminals are also threatening to target 1,000 of Medibank’s most high-profile customers, including actors and politicians.

Digital crime is on the rise. (A Current Affairs)

“A lot of these threat actors are looking for attention,” Khanji said.

“Making threats like, ‘We’re going to kick out famous people’ is likely to cause a lot more anxiety about what data these threat actors have.”

“The more sensitive the data, the more likely they can use it for crime.”

Senior Incident Response Analyst Vicki Sternares said they conduct their illegal transactions “like a business.”

Vicki Sternares, Senior Incident Response Analyst. (A Current Affairs)

Sternares monitors the dark web to gather information. So far you haven’t seen any discussion about Medibank data.

He said it’s easy to buy personal data, including names, mobile numbers, addresses and emails.

The Federal Police have been called in to assist in the Medibank investigation.

Senior Incident Response Analyst Vicki Sternares spoke with A Current Affair reporter Dimity Clancey. (A Current Affairs)

“The Australian Government is doing everything it can to stop the irreparable damage of what is a complete dogfight,” Cyber ​​Security Minister Clare O’Neil said.

“This is a criminal to suggest that they will release personal health information of Australians to the public and that is simply unacceptable to us.”

Khanji said the damage could have already been done, as was the case with Optus.

Cyber ​​Security Minister Clare O’Neil. (A Current Affairs)

“The original data of the 10,000 customers is still available on the dark web,” he said.

“Threat actors can still use this for very malicious purposes.

“They don’t feel there are consequences to their actions and are encouraged to do more, so you’ll find a lot of copycats looking for a quick buck.”

But he said threat actors, whether sophisticated criminals or a couple of kids, should take the publicity seriously.

Australian cyber security firm Gridware CEO Ahmed Khanji spoke to A Current Affair reporter Dimity Clancey. (A Current Affairs)

“Especially when the FBI and Interpol and other law enforcement agencies start getting involved, it becomes a very dangerous game,” Khanji said.

He said the problem is showing that we all have a lot to learn.

“Organizations are waking up and understanding that they really need to invest in good cyber security to prevent this problem once it happens,” Khanji said.

“It’s no longer a matter of ‘if you get cyber-attacked,’ but ‘when you get cyber-attacked.'”

In Images

Australians are issuing warnings after falling victim to these scams

See Gallery

Leave a Comment

Your email address will not be published. Required fields are marked *