This week’s Cyber Pulse Mid-Week Briefings cover Australia’s new Cyber Security Bill, rising ransomware claims, Zscaler's AI-driven platform growth, and cyber threats from East Asia, including Chinese influence operations, North Korean tech theft, and costly global data breach claims.
This week’s Cyber Pulse Mid-Week Briefings spotlight the intensifying cyber landscape of 2024, from policy shifts to rising threats. Australia’s Cyber Security Bill introduces robust standards for IoT security and ransomware reporting, reinforcing national resilience.
Corporate cyber insurance claims have surged due to increasingly severe ransomware attacks on large companies. Zscaler’s Zero Trust Exchange™ platform has hit a milestone, processing over half a trillion daily transactions with AI-enhanced threat detection.
Meanwhile, East Asian cyber threats from Chinese and North Korean state-sponsored groups are on the rise, with China deploying extensive influence operations and targeting critical infrastructure in the South China Sea, and North Korea honing in on maritime technology theft. Finally, Allianz’s Risk Barometer highlights the financial toll of data breaches and privacy violations, underscoring the urgent need for strengthened cyber defences.
The Australian government has proposed its first standalone Cyber Security Bill, setting a strong precedent for national digital protection and the security of critical infrastructure. The Cyber Security Bill 2024, currently under parliamentary review, will solidify a legislative framework that mandates minimum security standards across key areas such as smart device security and ransomware incident reporting.
This landmark legislation highlights the government’s dedication to enhancing national resilience in an increasingly complex cyber and geopolitical environment, aiming to protect both citizens and businesses from escalating cyber threats.
Central to the Cyber Security Bill 2024 is the introduction of minimum security standards for Internet of Things (IoT) devices, addressing vulnerabilities in everyday consumer tech. Smart devices in Australia are currently unregulated for cybersecurity, an issue the government describes as "fragmented and insufficient." The bill proposes baseline requirements, such as unique passwords, secure default settings, and regular updates for IoT devices like smart doorbells and watches.
Additionally, the Minister will gain authority to enforce these standards and quickly align with international norms, following a model similar to the UK’s Product Security and Telecommunications Infrastructure (PSTI) Act, ensuring that Australia keeps pace with global security benchmarks.
Another key aspect of the bill is a mandatory ransomware reporting requirement for private-sector organizations that manage critical infrastructure. Organizations involved in ransomware payments will need to report incidents to the Australian Signals Directorate (ASD) and the Department of Home Affairs within 72 hours of making a payment or learning of one.
These reporting requirements promote transparency, allowing government bodies to act swiftly in combating cyber extortion. Penalties for non-compliance reinforce the bill's deterrent effect, aiming to reduce the frequency and financial impact of ransomware attacks while enhancing collaboration between private entities and national security agencies.
Minister for Home Affairs Tony Burke emphasized the bill’s comprehensive approach to cybersecurity challenges, impacting the economy as a whole.
"We need a framework that enables individuals to trust the products they use every day. We need a framework that enhances our ability to counter ransomware and cyber extortion.
We need a framework that enhances protections for victims of cyber incidents and encourages them to engage with government, and we need a framework that enables us to learn lessons from significant cybersecurity incidents so that we can be better prepared going forward,” said Burke.
This legislation, aligned with Australia’s 2023-2030 Cyber Security Strategy, seeks to build a resilient digital infrastructure, equipping the country to confront emerging cyber threats and protect critical systems.
Coalition’s recent report highlights a surge in ransomware-related claim costs, with average losses per incident rising to $353,000—a 68% increase from last year. This shift is attributed to cybercriminals targeting larger businesses, with high-profile groups like Play and BlackSuit demanding ransoms over $2.5 million.
Sophos’ study further reveals that ransomware gangs earned approximately $400 million in the first half of 2024, with vulnerabilities in outdated software and poor access controls providing easy entry points for attackers.
Adding complexity to the cyber landscape, Coalition’s report indicates that Business Email Compromise (BEC) remains the most common cyber event, representing nearly a third of all claims.
Although Funds Transfer Fraud (FTF) declined, with average losses dropping by 15%, companies are urged to adopt more stringent access controls. Both Coalition and Sophos underscore the necessity of preventive cybersecurity measures and timely software updates as cybercriminal tactics and ransom demands evolve.
Zscaler’s Zero Trust Exchange™ platform has reached a new milestone, processing over half a trillion daily transactions—nearly 60 times the volume of daily Google searches. Leveraging AI and machine learning, Zscaler extracts critical security signals in real-time to enhance threat detection and prevention, aligning with the growing need for advanced cyber intelligence.
“The growth in adoption and proliferation of our services continues to accelerate over the past 16 years,”
said Jay Chaudhry, CEO of Zscaler, highlighting the platform’s scale and resilience.
Zscaler’s zero-trust architecture relies on extensive daily data processing to refine threat models continuously, ensuring secure, direct connections between users, applications, and devices. This AI-driven, zero-touch operation enables rapid adaptation to the shifting cyber landscape, positioning Zscaler as a leader in proactive cybersecurity with minimal manual intervention.
Allianz’s 2024 Risk Barometer reports a sharp rise in high-value cyber claims, fueled by data breaches and privacy violations. In the first half of 2024, claims over €1 million increased by 14%, with severity up by 17%, often involving data exfiltration by ransomware attackers.
“The growth of privacy-related claims, particularly in the U.S., has resulted in expenses even greater than some ransomware incidents,”
said Michael Daum of Allianz, reflecting the escalating financial toll of these breaches.
Asian businesses are especially vulnerable due to weaker cybersecurity frameworks, often targeted in supply chain attacks. As AI becomes integral in detecting breaches, the costs of extensive notifications can still exceed $20 million per incident. Allianz emphasizes comprehensive cyber defenses, with Rishi Baviskar warning,
“Breaches not contained early can escalate significantly,”
underscoring the need for early intervention to prevent spiraling costs.
Cyber threats from East Asia, particularly Chinese and North Korean state-sponsored groups, have shown significant growth in sophistication and reach. Microsoft’s findings reveal that Chinese influence operations have become more effective, with state-aligned social networks engaging American users and building an audience of over 103 million. These influence efforts reflect China’s strategic intent to sway U.S. public opinion, especially around election cycles.
In the South China Sea and Taiwan, Chinese threat group Raspberry Typhoon has been actively targeting critical infrastructure, including telecoms, as part of China's regional ambitions. North Korea has also advanced its cyber operations, focusing on maritime technology theft. Microsoft’s insights into these campaigns underscore both nations' drive to assert influence and secure strategic interests on the global stage.
Cybercriminals and state-sponsored actors exploit social media for espionage and disinformation. Telegram is under fire for sharing data with Russia’s FSB, prompting Ukraine to restrict it. OpenAI's Ben Nimmo fights AI-driven disinformation targeting U.S. and European elections.
Telegram is tightening its policies, sharing user IPs and phone numbers of criminals with authorities. As hybrid warfare blends state-backed hacking with cybercrime, Telegram faces pressure to curb illegal activities exploiting its encryption features.
DDoS attacks are on the rise globally, targeting the Middle East, Israel, Ukraine, and key sectors like software, telecom, and banking.
BlackSuit Ransomware Strikes Again! The notorious hackers behind last year's Dallas attack have rebranded as BlackSuit, now demanding $500 million in ransoms! The FBI and CISA confirm the group's new identity, with aggressive tactics and enhanced methods to pressure victims into paying up.
