Login
iscover
Trevor Dearing, Director of Critical Infrastructure at IllumioShare this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
The heated dialogue ahead of the upcoming federal election is quickly ramping up on both sides of politics, combined with the current backdrop of global uncertainty. What many don’t realise is that the current high-stakes environment comes down to more than just which party wins on election day.
Elections are often hotbeds for cyber activity, with state actors, hacktivists and other invested parties often ramping up their efforts as voting day draws nearer. Not only this – but these cyber attacks can also become more targeted and hostile in nature, with the consequences more severe. While the methods are varied – from cyber espionage to targeting information services – the aims are generally the same: either to sway votes towards one party or sow social discord and cohesion.
It can be easy to adopt a “not yet on our shores” mindset, but the truth is that this activity is already unfolding. The Electoral Integrity Assurance Taskforce has warned that the upcoming federal election could attract the interest of malicious cyber actors who seek to interfere with electoral processes. And the thing is – the attack surface of an election extends far wider than merely voting infrastructure. Many Australian businesses can be targeted or affected as part of the fallout.
Global geopolitical uncertainty also generally spells greater cyber risk. There were thousands of attacks on Europe’s energy grid when Russia invaded Ukraine, for instance. So, as we stand on the brink of a global trade war, amid ongoing global conflict and rising local tension – the increase in cyber activity is inevitable.
Critical infrastructure most at risk
While those most closely aligned to the election may be prime targets – companies that manage election infrastructure, for example – with heightened cyber activity across the board, public and private organisations managing critical infrastructure should also beware. This list of companies, both public and private, is long – think financial and healthcare institutions, telcos, energy and utilities companies.
Attacks on critical infrastructure can have catastrophic consequences, threatening a country’s operational resilience and even public safety. Look at the recent attack on Synnovis that halted 1,130 planned operations and more than 2,000 outpatient appointments at London hospitals. Or the attacks on Germany’s Südwestfalen IT that paralysed 70 municipalities and affected 1.6 million citizens. State actors can move at any moment, but elections and geopolitical instability make for particularly fertile ground. These businesses need to know they may be in the firing line.
Ransomware a major concern
Ransomware already impacts the vast majority of Australian businesses – the 2024 Ponemon Cost of Ransomware Report found that 79 per cent of Australian businesses had fallen victim to at least one ransomware attack in the last year. At a time of heightened cyber activity, we can possibly anticipate an even greater impact.
The World Economic Forum’s Global Cybersecurity Outlook from both 2024 and 2025 highlights that ransomware has evolved from merely data theft to causing disruption. In fact, close to half of cyber leaders surveyed said they’re concerned about disruption to operations and business processes. The Ponemon research echoed this – showing that close to three-quarters of Australian companies hit with ransomware were forced to halt operations, with systems down for 12 hours on average. The data showed that Australian companies were being harder hit than their global counterparts in the US, the UK, and other countries in Asia.
Last year, the government legislated the Cyber Security Act 2024, making it mandatory for certain businesses to report if they had paid a ransom. Increased reporting is certainly necessary – some 71 per cent of Australian companies that experienced a ransomware attack didn’t report it. So the ransomware problem may well be much larger than we even realise.
Are local businesses ready?
Honestly, many organisations aren’t prepared. The Ponemon research showed that a lot of businesses are still not getting the basics right, like blocking high-risk ports or patching vulnerable systems, and close to half are still using weak passwords. Many are also still worried about preventing and detecting breaches. In reality, they should be focusing on containment strategies that keep them resilient against inevitable attacks. Breaches are a given, so businesses need ways to limit their impact to prevent catastrophic outcomes.
Over the past few years, everyone from the White House to EU regulators and the World Economic Forum have called on agencies and business leaders to adopt breach containment strategies like zero trust. Zero trust recognises that threats can come from both external and internal sources, necessitating a proactive and adaptive security approach.
The Australian government is following suit. The 2023–2030 Australian Cyber Security Strategy states it “... will also draw on internationally recognised approaches to zero trust, aiming to develop a whole-of-government zero-trust culture”. More than just empty words, Home Affairs has also since released a consultation paper on “Guiding Principles to embed a Zero Trust Culture”.
If Australian businesses structure their cyber security systems in a way that allows them to limit the spread of attacks and maintain the function of IT systems even in the event of ongoing cyber attacks, their most sensitive data will remain protected. This is the best defence to weather the storm that lies in the months ahead.
Be the first to hear the latest developments in the cyber industry.
