News, Culture & Society

Medibank hack: Cyber security minister tells Australians to wake up to threat: Claire O’Neill

Cyber Security Minister Clare O’Neil has warned Australians to ‘wake up out of their cyber-slumber’ in the aftermath of the Optus and Medibank ransom attacks where millions of customers sensitive data was stolen.

She told the ABC’s Insiders on Sunday the government are preparing to introduce new legislation that will ban Australian companies from giving in to hacker’s demands and coughing up the money.

Her comments come a day after Ms O’Neil vowed to track down the ‘scumbags’ behind the Medibank hack who ordered the private medical insurer pay $15 million to stop the release of personal information about it’s customers – a demand the company refused.

Cyber Security Minister Clare O’Neill is preparing laws to make it illegal for Australian companies to pay ransom demands from hackers

Ms O'Neill said it could be hard to catch overseas hackers as some of them were protected by governments

Ms O’Neill said it could be hard to catch overseas hackers as some of them were protected by governments

‘We’re standing strong as a country against this, we don’t want to fuel the ransomware business model,’ Ms O’Neil told the ABC’s Insiders. 

‘The idea that we’re going to trust these people to delete data that they have taken off and may have copied a million times is just frankly silly.

‘We’re standing strong as a country against this, we don’t want to fuel the ransomware business model.’

New laws have also been flagged for tightening the rules over how long companies keep data with the Medibank and Optus hacks dragging in people who had long stopped being customers. 

Ms O’Neil said companies should only hold data while it was in use.

But at the moment major firms are compelled by law to retain information on previous customers to assist police investigations.

Ms O'Neil gave an impassioned speech to parliament vowing to track down and and punish the 'scumbag' Medibank hackers

Ms O’Neil gave an impassioned speech to parliament vowing to track down and and punish the ‘scumbag’ Medibank hackers

Another major change to the way Australia tackles the threat of online criminals is the launch of a new elite agency to fight cybercrime.

The agency would combine security experts from the Australian Federal Police (AFP) and the Australian Signals Directorate in the Department of Defence and attempt ‘hack the hackers’.

However, Ms Neil said she could not promise hackers would be jailed in Australia because they were often foreign nationals.

‘We’ve got people who are essentially being harboured by foreign governments,’ she said. 

The AFP has identified the Medibank hackers as Russians.

Ms Claire, who had been unexpectedly thrust into the limelight by the Medibank and Optus hacks, has also promised tougher fines for Australian companies with lax online security.

In parliament on Friday she made an emotional and widely applauded vow to catch the ‘scumbags’ who stole the medical data of 9.7 million Medibank Private members.

Hackers, identified at Russian by Australian police, have demanded $15 million ransom to stop releasing private medical data

Hackers, identified at Russian by Australian police, have demanded $15 million ransom to stop releasing private medical data

The first wave of data released on the dark web included names, birthdates, addresses, email addresses, phone numbers, health claims information, Medicare numbers for Medibank’s AHM customers and passport numbers for international student clients.

Some of the information also contained the identities of women who had abortions, fetal anomalies, molar pregnancy, readmission for complications such as infection, and miscarriages.

This included those who suffered ectopic pregnancies where the embryo grows outside the womb and must be terminated to save the mother.

Health insurance codes for cocaine addicts and mental health sufferers were also part of the stolen data dumped online, along with 500,000 health claims.

‘I want to say, particularly to the women whose private health information has been compromised overnight, as the minister for cyber security, but more importantly, as a woman, this should not have happened,’ Ms O’Neill said in Parliament.

‘I know this is a really difficult time. I want you to know that as a parliament and as a government, we stand with you. 

‘You are entitled to keep your health information private and what has occurred here is morally reprehensible and it is criminal.’

Ms O’Neil grew emotional as she spoke, her voice wavering and her eyes welling with rage and sadness at what Australian women may suffer.

‘I want the scumbags behind this attack to know that the smartest and toughest people in this country are coming after you,’ she declared.

***
Read more at DailyMail.co.uk