SABRA LANE: One of Australia’s biggest health insurers, Medibank, is grappling with a major cyber security incident after receiving a ransom demand from hackers who claim they’ve obtained customer data. Medibank says it’s taking the claim seriously and it’s now been referred to the Australian Federal Police. Last week the company revealed it had detected unusual activity on its systems but didn’t think any data had been stolen. The Minister for Cyber Security is Clare O’Neil. Minister has confidential customer information fallen into the hands of hackers, as the ransom claims?
CLARE O’NEIL: Sabra, the facts in this matter are still being established, as you would expect for a large cyber security incident such as this one. What has changed in the last 24 hours is that malicious actors have contacted the organisation claiming to have customer data, and that is why the situation has become of great concern and there are various arms of the Australian Government which are working very hard to support Medibank to try to prevent any customer data from being released.
SABRA LANE: Medibank had been telling its customers last week that no data had been taken. You’ve spoken to the CEO of Medibank. How many customers are potentially exposed here?
CLARE O’NEIL: Again, Sabra, the facts are still being established. And I appreciate it might be hard to understand this from outside of a large organisation, but when you’ve got a complex technological system, it takes a bit of time to understand what has changed in that system in the event of an attack. If you imagine a big organisation such as the ABC, there will be literally thousands of interactions with your data every day that are legitimate, and it does take some time for organisations to understand where illegitimate data changes have occurred.
So that work is being undertaken by Medibank at the moment. They’ve engaged external providers to assist them, and the Australian Signals Directorate, which is the best cyber organisation in the country, which is part of the Australian Government, has also been intimately involved in this along the way.
But the reason that I am so concerned about this at the moment is because of course the sensitive nature of the information involved. So, if you think about a lot of cybercrime relates to financial or identity information, which is very problematic when it comes into the problem realm. What we have here is information that’s held by this organisation which is health care information. And that just on its own being made public can cause immense harm to Australians. And that’s why we are so engaged with this and trying to help Medibank from understanding what’s happening so we can repair it.
SABRA LANE: Medibank says it’s received messages from a group that wants to negotiate a ransom demand. Is the Australian Cyber Security Agency advising Medibank to engage, to negotiate?
CLARE O’NEIL: Sabra, I’m not going to comment on – there is an attempt to commit a crime potentially underway here, so I don’t want to give a running commentary on what exactly Medibank is being advised to do. But, yes, it’s correct that someone claiming to have customer data has contacted Medibank to try to negotiate. So, this is what we call a ransomware attack. It’s quite a common form of cyber-attack.
Last night this matter was referred to the Australian Federal Police and an Australian Federal Police investigation has now been stood up. So, Medibank are now working closely with the Australian Signals Directorate and the Australian Federal Police to try to manage the situation.
SABRA LANE: You’re the Minister for Cyber Security, but the Nine newspapers is reporting this morning that the Federal Government has quietly added cybercrime to the Attorney-General’s responsibilities and taken it from you. Is this a demotion? Why has it happened?
CLARE O’NEIL: No, it’s not. It’s not. The Attorney-General and I share a lot of responsibilities. He is responsible for the Australian Federal Police. I’m responsible for cyber security. So, it’s very common across government for responsibilities to be shared, and this is one of them.
SABRA LANE: There would be so many people who are very anxious about this this morning, that potentially their health care information and potentially bank details have been exposed. What’s your words of advice to them?
CLARE O’NEIL: Well, my words of advice to them are that the very best people in the country are working with Medibank to try to prevent any harm from occurring from what has gone on here. But I’d also just say to Australians – and this applies to government, to business, to individuals –there is an element here that cybercrime is growing really quickly around the world.
There was an INTERPOL conference yesterday, the kind of police heads of forces from around the world got together, and their message to the community was that cybercrime is now their main crime concern internationally. And this is the new world that we live in. We are going to be under relentless cyber-attack essentially from here on in, and what it means is that we need to do a lot better as a country to make sure that we are doing everything we can within organisations to protect customer data and also for citizens to be everything that they can.
So, I think combined with Optus, this is a huge wake-up call for the country and certainly gives the government a really clear mandate to do some things that frankly probably should have been done five years ago but I think are still very crucially important.
SABRA LANE: Just quickly, the Optus hack, has the culprit been found?
CLARE O’NEIL: I’ll let the Australian Federal Police share information publicly about that one, Sabra. But I can say that there’s no clear evidence of financial crime that’s resulted from the Optus hack so far, which is good news.
SABRA LANE: Minister, thanks for joining AM this morning.
CLARE O’NEIL: Thanks so much, Sabra. Much appreciated.
SABRA LANE: That’s Clare O’Neil, the Minister for Cyber Security.
