On September 22, the Australian telecommunications company Optus fell victim to a cyber attack. The attacker captured the data of millions of customers. Optus is Australia's second-largest telecommunications company, with 9.8 million customers.
How many customers are affected, and to what extent, is still being determined. According to media reports, such as The Guardian, 2.8 million customers are affected to a greater extent. Information that may have been disclosed includes names, dates of birth, phone numbers, email addresses, and — for a subset of customers — addresses and identification document numbers such as driver’s license or passport numbers, Optus explains on its website. According to the company, the affected customers would be informed directly about the information at risk. Curtis Simpson, CISO at Armis, commented on the attack.
Data of millions of customers stolen
“The far-reaching consequences of this attack have yet to be revealed. Leaking sensitive data from millions of customers, this is one of the largest attacks Australia has ever seen. The company has confirmed that it was able to prevent further penetration of the criminal hacker into its operations. If the attacker had gotten any further, this could have led to significant impairments in the everyday life of the civilian population, such as interrupted availability of mobile phone services, blocking access to streaming services and more. However, the consequences are still devastating and are progressing rapidly in the Australian system.
Data is a valuable resource and must be protected with extreme care as it can easily be exploited by scammers. For mobile operators, whose operations have evolved and changed significantly in recent years, this protection requires ongoing visibility and insight into the behavior of all assets. Of particular concern are unmanaged assets that have the potential to disrupt critical operations and/or customer services; these include, but are not limited to, IoT devices, OT infrastructure, and mobile IoT.
Risk and Threat Management
Maintaining secure service availability in such a diverse and hybrid ecosystem requires a fundamental and ongoing understanding of technology in the enterprise landscape. All downstream proactive and reactive risk and threat management strategies must be executed against this ever-evolving view of the business and attack surfaces.
As attacks of this magnitude become more common, organizations need to reassess their risk posture and use industry frameworks to determine which risks are “acceptable” and which are intolerable. This gives them all the information they need to strengthen their security situation. In order to eliminate critical vulnerabilities and avoid security blind spots, it is imperative to increase our focus on full transparency.”
More at Optus.com.au