APRA yet to publicly act on cyber attacks | Australian Markets

Australia’s superannuation regulator, the Australian Prudential Regulation Authority (APRA) has to this point remained silent on the cyber attacks which have hit a number of main funds however, if current historical past is a information, then they will count on the imposition of further license circumstances.

APRA in early December, 2023, imposed further license circumstances on NGS Super after figuring out what it described as “significant deficiencies” within the funds cyber controls.

The regulator noticed these further license circumstances as crucial following a March, 2023, cyber incident which it stated “saw a significant amount of data being lost and NGS’ systems being compromised for a period”.

APRA’s strategy is probably going to be colored by the truth that it’s much less than a yr because it wrote to superannuation funds urging them “to stay vigilant and proactively implement strategies to mitigate the risks and impact of potential cyber-attacks”.

The funds recognized as being focused in what’s believed to have been a coordinated cyberattack have been AustralianSuper, Australian Retirement Trust, Rest, Hostplus in addition to Insignia Financial’s MLC Expand platform.

Insiginia Financial, confirming the character of the assault, stated that it “appears to involve a malicious third party undertaking an activity known as ‘credential stuffing’”.

Credential stuffing is a cyberattack the place attackers use stolen username and password combos, usually obtained from information breaches, to gain unauthorized entry to person accounts on different platforms, leveraging the truth that many customers reuse credentials throughout providers .

While it’s understood that no member funds have been really misplaced within the 2023 assault on NGS Super, AustralianSuper final week confirmed that its members misplaced $500,000.

The cyber attacks have prompted claims from the cyber security sector that the industry wants to undertake a collaborative strategy.

Software@Scale chief govt, Louis Droguett stated the attacks had exploited compromised member credentials.

“These attacks weren’t about breaching firewalls, they exploited compromised member credentials, a clear blind spot in our cybersecurity landscape,” he explains. “This isn’t a failure of multi-factor authentication (MFA) or firewalls, it’s a failure to detect what’s already leaked,” he stated.

“The threat was visible but not acted upon. This demonstrates a critical need for proactive dark web monitoring. Knowing when member credentials are compromised allows funds to take immediate action, before attackers can exploit them.”