Craig McDonald 26 May 2020 11:06:53 AEST 14 MIN READ

Cyber-attacks on Toll Group, BlueScope, Service NSW are “just the tip of the iceberg”: Alastair MacGibbon

In a year already marred by natural and biological crises, cybersecurity failures remain a critical threat.  

Government agencies and big Australian companies have fallen victim to cyber-attacks with unprecedented visibility. Industry and government need to understand why we are more exposed, what we can learn from recent national security events, and how to build a more cyber-resilient nation. […] In these uncertain times, strong cybersecurity practices are more important than ever.

These are snippets from former head of the Australian Cyber Security Centre, Alastair MacGibbon’s recent warning that cybercrime remains an existential threat in Australia and “that many Australian organisations are weak targets”.   

urge all business owners to heed his warning. It’s heartening to note that cybersecurity continues to be a strategic focus in many boardrooms, but amidst a period of heightened cyber-attacks that have disrupted multiple powerful local establishments, his warning acts as a stoic reminder that more work is needed to proactively enhance our cyber defences. We simply cannot afford to become complacent.  

In the past month, there have been several reports of cyber incidents on Australian organisations including logistics company Toll Group, mining firm BlueScope Steelin government withService NSWand financial services company MyBudget, and even an attempted infiltration of the WA Premier’s officeToll Group, in fact, has been hit twice by ransomware attacks, in January by MailTo and last month by NefilimAnd just this week, the Australian Digital Health Agency also revealed that the My Health Record system was the subject of an attempted hack over the past 11 months.  

Alastair warns that these attacks are just the tip of the iceberg; many organisations fail to report cyber breaches, or worse, do not even know about them 

The recent attacks are revealing in several ways. We are more used to seeing prominent US organisations being the victims of big cyber incidents, for example, Google or Equifax. Although Australian organisations have always had cyber vulnerabilities, the increase in large attacks since mid-2019 shows we are increasingly visible and attractive to cyber attackersThe data is patchy but we have observed an increase in attacks and a rise in the penetration of networks and targeting of confidential information, he writes. 

As sobering as these attacks are, they leave several lessons for the rest of us, like the importance of proactively analysing cyber risk, and how to handle and respond to a cyber-attack.  

Notably, these attacks on government agencies and corporate giants by cybercriminals also reminds us of the vulnerability of organisations to fall victim to cybercrime, regardless of their size, including companies with vast resources like Toll Group. The lesson is simple – if it can happen to them, it can happen to any company, and with catastrophic and widespread consequences. In the case of BlueScope Steel, for example, a cyber incident in one of its US businesses has led to disruptions in its manufacturing and sales processes in Australia; some processes have been paused, whilst other processes including steel despatches continue with some manual processes and workarounds. Operations in Asia, New Zealand and at its US-based North Star plant have also been affected. To make matters worse, the ripple effect resulting from these disruptions is only going to cause further damage. Precisely because all our businesses belong to a large & complex ecosystem (involving an intricate, interdependent network of consumers, partners, vendors, and suppliers), the eventual implications can result in an impact on our overall economic growth, and affect many more businesses. 

I find it encouraging that more businesses are recognising these very real risks of cybercrime and several are calling for greater collaboration between business, government and regulators to tackle the growing cyber threatsCollaboration is undoubtedly key in winning the battle against cybercrime since, as Alastair mentioned during his speech at MailGuard’s 2018 Cybersecurity Awareness Luncheon, the sharing of information...[and] solutions [enables us to] build the technologies that will lead to social and economic benefit - not just for us as a nation but as a world.” 

Along with collaborating with one another, it’s also crucial that we step up our pace in improving our cyber resilience capabilities and to continue challenging our readiness, because cyber threats are becoming more targeted, complex and pernicious. The digital pandemic brought on by merciless cybercriminals who continue to exploit the ongoing COVID-19 pandemic is a painful exampleCybercriminals are fine-tuning their attacks everyday to reflect the latest government announcements and virus-related information (even within hours) to trick users – and with alarming frequency. IBM’s chief technology officer for security in Australia and New Zealand, Chris Hockings, puts the increase in online attacks through COVID-19 related spam and phishing at a massive 14,000%. At MailGuard, we continue intercepting multiple variations of email threats exploiting the virus, ranging from those masquerading as relief bonuses to those announcing COVID-19 IT updates. And this is expected to get worse.  

In addition, with the End of the Financial Year (EOFY) approaching, I anticipate these attacks will be more sinister, and hit businesses harder. This period has always been a busy one for scammers, but this year, the economic uncertainty triggered by COVID-19 presents them with even more opportunities to successfully manipulate stressed, distracted professionals and exploit them into doing their bidding 

Let the recent attacks on Toll Group, BlueScope and others serve as sobering and timely reminders for us to continue taking proactive measures to enhance our cyber readinessThe onus is on all of us to consistently review our defences, our systems and processes. In the context of email security, for example, we know that nine out of 10 businesses are being impacted by phishing, even when most have an email security solution in place. We can’t assume that’s as good as it gets. Don’t accept that risk. Explore other solutions to layer your email defences and to protect your brand, your people and your data. 

Cybercrime is moving at warp speed. If we don’t take action quickly, our businesses may end up becoming the next headline. 

If you need more support to protect your business from cybercrime, feel free to reach out to my team at