Why foreign hackers in North Korea, Russia are targeting Australian bank, super accounts

Australians face having their bank and retirement savings stolen as hackers in rogue nations like North Korea are able to use AI to inflict more cyber attacks, security experts have warned following a warning from the banking regulator.

Strategic Analysis Australia founder Michael Shoebridge, who has previously worked for the Australian Signals Directorate and the Defence Intelligence Organisation, said hackers in North Korea and Russia, in particular, could break into Australian accounts more often.

“If the banks and other financial institutions don’t rapidly get up to speed with this new form of cyber threat, it could happen very frequently,” he told The Nightly.

“We are a wealthy nation - being one of the top 15 economies, wealthiest countries on the planet, our superannuation outfits are high-value targets and we’ve only got four big banks so they’re all pretty attractive targets.”

State-connected hackers could also become more sophisticated as artificial intelligence large language models like Anthropic’s Claude Mythos, enabled them to do what humans can’t.

“It can really accelerate their capabilities because hackers thrive on something called zero-day vulnerabilities, which are vulnerabilities in systems and software that are unknown to designers and users of the software and that means there’s no protection against them,” Mr Shoebridge said.

“This could be a new area for organised crime. It can be about being able to disable a country’s financial system.”

Cybersecurity expert Alastair MacGibbon, who previously advised former prime minister Malcolm Turnbull on cybersecurity, said North Korean hackers sought access to Australian dollars to get around sanctions by targeting Australian banks.

“The more we restrict cashflow into North Korea, because they’re busy developing nuclear weapons and being a rogue state, the more they will attack the institutions that they see as extensions of Western governments,” he said.

“In the case of North Korean hackers, they want to get access to funds, they want Western currency, so anyone that holds funds in trust for other people.”

Australian Prudential Regulation Authority chairman John Lonsdale has written an open letter to banks, superannuation funds and insurers criticising them for failing to be properly prepare for attacks originating overseas.

“APRA found that, while many entities are alert to geopolitical risk, there are differing levels of maturity in how this awareness is translated into risk management practices and crisis preparedness,” it said.

“Entities give limited consideration to geopolitical risk as an amplifier of existing material risks.”

Risk management practices were also failing to keep pace with “rapidly emerging threats”.

“These include personnel-related security risks, such as foreign interference, and risks associated with disinformation campaigns that could undermine confidence in an entity’s resilience,” APRA said.

Mr MacGibbon said disinformation could exaggerate share market downturns in an era of machines doing automated trades.

“I’m surprised how little dialogue there is around it. I’ve spoken to some senior people in banks who are becoming increasingly worried about some of that,” he said.

Corporate board were also seen as ill-equipped to deal with the use of artificial intelligence in cyber attacks.

“Many Boards are still developing the technical literacy needed to provide effective challenge on these risks,” APRA said.

“Reliance on critical third parties, often located overseas, also makes it more difficult to assess, mitigate and manage these risks.”

Financial institutions were also criticised for failing to conduct regular exercises to prepare for cyber attacks.

“Entities make insufficient use of periodic crisis exercises to build confidence that they are ready to respond to severe but plausible geopolitical shocks,” APRA said.

“These exercises often do not test decision-making, escalation and communication protocols across multiple risk areas under conditions of heightened uncertainty.”

Brad Jones, the Reserve Bank of Australia’s assistant governor overseeing the financial system, said threats to the financial system were now more likely to originate outside it.

“For many decades the major risks to financial stability were thought to be cyclical, generated within the financial system, and their mitigation and resolution involved familiar toolkits,” he told the Australian Banking Association conference in Melbourne on Wednesday.

“By contrast, the issues I have discussed today are structural, originating from outside the system, and cut across the financial system (and indeed society) in multi-faceted ways that require fresh thinking.”