Strategic advisor at Semperis, Simon Hodgkinson, discussed the ongoing state-sponsored cyberattacks, particularly in Australia. With decades of experience as a cybersecurity leader in software, financial services, and energy industry, Hodgkinson shared valuable perspectives and reflected on previous incidents, highlighting hard-learned lessons and best practices. His message is clear: cyber conflict is no longer a possibility, it’s the present reality. And for Australian organisations, the threat feels closer than ever.
Why Australia is a target
While Australia may have a smaller GDP and population compared to powerhouses like the US and the UK, it has become an appealing target for state-sponsored cyberattacks.
“Well, a lot of cyberattacks are not financially motivated. It’s more about espionage, stealing secrets and sensitive information, and potentially attacking critical national infrastructure,” said Hodgkinson.
Hodgkinson explained that Australia’s membership in the Five Eyes alliance and its strong ties with powerful Western countries place it in a sensitive position. He added that should an event occur, such as an international conflict or an extreme end of cyber warfare, Australia would likely be involved together with the US, the UK, New Zealand, and other European countries. This means that Australia is a potential point of interest for adversarial nation-states.
“There’s a lot of sensitive information being shared between the Australian government and other governments across the world. If they were able to breach Australia’s defences, they may also get information about what is being shared with other countries as well,” Hodgkinson further elaborated.
Smarter threats, slower and shrinking response
Despite these sobering and terrifying realities, there is a worrying state of desensitisation coming in. With breach fatigue becoming more common, there is a growing risk that both individuals and organisations will become complacent.
“Overcoming the problem is going to be difficult because most people’s personal information is already out there. And I think a lot of people are in that place of, ‘Oh, it’s another data breach, nothing particularly concerning about this one,’” Hodgkinson pointed out.
Adding to this challenge is the increasing sophistication of cyber attacks and the continued targeting of critical infrastructures. “Nation-states often launch very sophisticated attacks. These are usually advanced persistent threats, low and slow operations. They’ll infiltrate an organisation and just sit there,” Hodgkinson said.
He emphasised that it is crucial for people to understand that when a nation-state targets an organisation, whether it be a public or private one, they only need to succeed once. In contrast, defenders have to be successful all the time. And since these attackers often face no constraints in terms of time or resources, they can continuously probe and attempt to weaken organisations’ defences.
As if these were not enough, the rapid rise of AI also intensifies the complexity of this already challenging environment. Hodgkinson described AI as both a positive and a negative from a cybersecurity perspective. He explained that while AI improves our speed and ability to detect threats and automate responses, it also increases the sophistication of phishing attacks, deepfakes, and malicious software. He cited a 2024 incident in which a deepfake AI impersonated a company’s CFO during a video conference call, resulting in the transfer of $25 million to a fraudulent account.
“Deepfakes are incredibly good now. It only takes a few seconds of recorded audio to create a deepfake voice, and not much more to generate video. So I think we’ll see a lot more activity in that space. I’m really concerned because I think this is the next scammer’s paradise,” he warned.
Resilience as a survival imperative
So where does that leave Australian organisations?
Hodgkinson stressed that the focus must shift to resilience. He stressed, “For a long time, organisations have been focused on trying to withstand through good protective and detective controls, and I think there is a need to rebalance that now. Every organization should have an assumed breach mentality, and they need to really rebalance their resources by working hard to withstand attacks where they can and focus on that capability to recover.”
However, the challenge is not just to recover, but to recover with integrity. Hodgkinson warned that nation-state attackers often leave backdoors in place, allowing them to strike again. Therefore, organisations have to deploy sophisticated technology in order to spot those anomalies.
The bottom line: resilience is no longer optional, it’s a survival imperative. “We must rebalance our resources, not only on the ability to withstand attacks, but more importantly, on our ability to recover,” Hodgkinson concluded. That’s how organisations stay in the fight.
