The latest embarrassing hack reminds us we are losing the race with cybercriminals

And it’s not just the potential impact on those whose privacy could be breached and future trials that should be setting off alarm bells. The fact that Court Services Victoria had not publicly acknowledged before media reporting almost two weeks later seems inadequate given the sensitivity of the data and the vulnerability of the people they have a duty to protect.

The Age has also revealed that the witnesses whose sensitive testimonies about sexual abuse or underworld figures could be leaked online are unable to apply for compensation through the state’s privacy watchdog.

Under Victorian law, members of the public can make complaints and seek compensation with Privacy and Data Protection Deputy Commissioner Rachel Dixon when their information held by government agencies is breached. But the state’s court system is exempt from this legislation, meaning Dixon does not have powers to act over a court-related breach or to receive complaints from those affected, as she can do with other areas of government. This is a serious shortcoming that needs to be urgently remedied.

The state government is well aware of the increased risk of data breaches. In 2021, it announced a five-year cyber strategy that includes establishing a Cyber Defence Centre that operates 24 hours a day, seven days a week to provide departments and agencies with critical support when they are responding to cyber incidents. Labor handed out more than $34 million to implement the strategy in this year’s budget.

That is all very well and good but, as is embarrassingly evident, when dealing with such a critical and sensitive breach as has occurred at the state’s court system, the shortcomings of the security in place to prevent such an attack and a plan of action once it occurred are there for all to see.

Loading

If there is a silver lining to the spate of cybercrime more broadly, it is that it might have shaken some of the country’s businesses and organisations out of complacency on issues of data security. Investment in defences is no longer an optional extra, but an essential part of doing business.

For its part, the federal government’s $291 million investment in a “six shield” strategy to help small and medium-sized businesses assess their cyber defences is a good start. But extending this support to larger organisations and developing a consistent, strategic approach across all jurisdictions will be key to bolstering the nation’s defences.

A plan to wind back laws that require companies like telcos to store large amounts of customer data for long periods of time is another sensible step recently announced in the federal government’s cybersecurity strategy.

But we must move quickly. We are in a race against the hackers and, for the moment, they appear to be winning.

The Opinion newsletter is a weekly wrap of views that will challenge, champion and inform your own. Sign up here.