House debates

Monday, 7 November 2022

Private Members' Business

Cybersecurity

10:08 am

Photo of Louise Miller-FrostLouise Miller-Frost (Boothby, Australian Labor Party) Share this | Hansard source

I thank the member for raising this important and timely issue of cybersecurity. It is clear that the recent spate of cybersecurity breaches has had a significant impact on a large number of Australians. Whether they were directly affected or not, the breaches have had an impact on their sense of personal security and on their ability to have confidence in the digital systems that we increasingly use to run and coordinate our lives. Many Australians have had some of their most sensitive financial or health data accessed by criminals, and, anecdotally, particularly since the Optus and Medibank data hacks, people in Boothby have been at pains to impress upon me the increase in spam messages, phone calls and unwanted electronic communications that they have received. At a time when, increasingly, we conduct our lives with government departments, agencies and service providers—and even with retail—online and via text message, these scams directly mimic those interactions and undermine our confidence in the systems.

I'm proud to stand here as a member of the government that is working tirelessly to respond to this enormous challenge. Our data is, potentially, held by many, many companies and agencies, including in the private, not-for-profit and government sectors. We now know that a data security breach is reported in Australia every seven minutes. While not all are as significant as the Optus or Medibank hacks, which impacted potentially millions of Australians, each breach is a serious invasion of privacy. It was reported this morning that 9.7 million current and former Medibank customers have had their personal data included in this latest hack. Even if there is no financial loss, these data breaches cause major disruption and can be extremely unsettling. The inconvenience of having to have all of your ID and financial cards reissued has been a challenge for many of our citizens.

The area of cybersecurity is also a constantly evolving and mutating area of criminal activity, and that is why this government is putting so much focus and expertise into tracking down those criminals who seek to do harm to law-abiding Australian citizens. The Albanese Labor government is managing the consequences of cyber breaches by coordinating government responses and bringing together efforts of multiple government and law enforcement agencies. Just as critically, we are ensuring Australians have the information and tools they need to be protected from harm. The member's characterisation of the government's response to recent high-profile data breaches is disingenuous at best. The Minister for Home Affairs, Clare O'Neil, has led the coordination of multiple federal, state and territory agencies and departments to support a rapid, focused response. To respond to the Medibank incident, the Albanese government activated the National Coordination Mechanism to ensure that all possible support is being provided both to Medibank and to those Australians affected.

The National Coordination Mechanism brings together agencies of the Australian government, state and territory, as well as industry and private sector stakeholders. The Australian Cyber Security Centre has been providing technical advice and assistance. The Australian Federal Police are leading the criminal investigation. The Department of Home Affairs has been supporting Services Australia and the department of health to work with Medibank to confirm what information has been exposed and to put protections in place. Services Australia have put in place proactive mitigation measures focusing on minimising exposure of customer records and protecting the agency's claims infrastructure.

The recent cyber incidents have highlighted the previous government's failings to create effective incident coordination and response mechanisms or fit-for-purpose legal powers to manage the consequences. This is, sadly, no surprise, given that the former government abolished the dedicated role for cybersecurity in the ministry, just when Australia most needed to be getting ahead of these cybercriminals.

Cybersecurity is a serious challenge for any government, and this government is determined to keep Australians safe online. It's a serious area of public policy, so it's unsurprising that those opposite can muster little more than a feeble critique. They've never really been in the business of solving problems for the Australian people. It is, however, good that those opposite now realise how urgent this is, as their previous actions were—as with so many things—too little too late.

Comments

No comments