November 8, 2022
PETER STEFANOVIC: Let's go to Canberra now. Joining us is our panel, Peter Kahlil, James Paterson. James, we'll start with you. Good morning, by the way. I do want to get your response to this response from the hackers this morning. They are threatening to release the details of Medibank customers within the next 24 hours. So, the clock's now ticking. What's your reaction to that this morning?
JAMES PATERSON: Good morning, Peter. Well, unfortunately this is another piece of concerning news for Medibank customers who have had a distressing couple of weeks and each day they seem to learn new, more concerning news about the Medibank breach. The most important thing today for Medibank customers is to be on high alert personally for any individualised attempts to extort them personally. They should be aware if that happens, it's not necessarily the hacker. It might well be people trying to piggyback off the hacker and try and opportunistically take advantage of this news. They should not assume that anyone who contacts them actually does have their data. They also shouldn't assume that paying anyone will protect them in any way. What they should do if they're contacted, is to contact the hotline that Medibank has set up, and notified its customers of, to alert them of that and be on high alert for any suspicious activity on any of their accounts, on their email, on their bank accounts, and to notify their bank if they observe any suspicious activity.
STEFANOVIC: So, is there any more that Medibank can be doing or is it up to the customer now?
PATERSON: I think the unfortunate thing about the Medibank crisis is that the company's understanding of the attack has evolved. And yesterday I asked the Information Commissioner before the Senate estimates about that and she said that's a matter of active investigation because it is important that companies disclose what they know when they know it, and it will be important to understand whether Medibank has done that. But that's kind of for after the crisis. We just need to get through the crisis at this stage. I understand that Medibank is cooperating with the Australian Cyber Security Centre, who will be also appearing before Senate estimates this afternoon, and we'll discuss that further with them. It's critical that they continue their co-operations to protect their customers as best they can.
STEFANOVIC: Okay. Let's bring in Peter Khalil now. Pete, good morning to you. So, this is, as we all know now, the two big hacks in two months. Have hackers identified a weak spot here in Australia, a country that they'll keep on trying to hit now?
PETER KHALIL: Yeah. Good morning, Karl. I was looking at some statistical analysis around...
STEFANOVIC: Pete. Wrong channel.
KHALIL: Oh, Pete, sorry. Did I call you, Karl? I'm so sorry.
STEFANOVIC: Yeah, it's disgraceful.
KHALIL: That's a bit of a slip of the tongue. You're better looking too by the way...
STEFANOVIC: That is disgraceful Peter Khalil.
KHALIL: I thought I was on the Today... Anyway, we won't go there. It's an early morning start. Look, Pete, I've got to say, I was looking at some analysis around this and the increases in cyber attacks and on Australians has been pretty steady over the last period of time, last couple of years, in fact about 34 per cent of Australians have been subject to some form of cyber attack where only about 11 per cent of a serious assault or burglary or crime like that. So, it is part of our world now, these cyber attacks. I think it's really important that Medibank doesn't pay the ransomware because doing such, and this is the government advice of course, doing such would actually undermine our cyber security efforts, put further personal information of Australians, businesses and infrastructure at risk because they'll keep doing it, right? And you asked me about this a while back and that was my view then, and it's the government's view now that they're doing the right thing. It's consistent with government advice.
But James makes a very good point about the risks to individuals now. They need to be wary, as he said, of other criminals trying to take advantage of the situation and sending them emails and so on to try and pretend that they're going to provide their information and try and scam them for money. So that's a really important thing. Medibank has set up some very good hotlines and support services and the federal government is working assiduously now that Clare O'Neil, the Home Affairs Minister, set up what's called a national, what will we call it, a national coordination mechanism, which is a new mechanism that ensures that there's a focus across all levels of government and industry to deal with these cyber threats. So that's really, really important efforts being made. And we need to, you know, keep review, there's going to be a cyber review of our cyber laws as well to ensure that they're fit for purpose for the world that we live in.
STEFANOVIC: So, James, according to Trevor Long, he's our tech expert, he was across this in our last hour. He's pointed to a Russian dark website where this is all coming from. So, do we deduce from this that the Russians are responsible?
PATERSON: We should be careful not to make assumptions based on partial information. It is possible, and it is often the case that ransomware gangs operate out of jurisdictions like Russia. It is one of the major centres of it, but it's not the only one. They also commonly operate in North Korea and Iran and China and elsewhere in the world and in, actually, allied jurisdictions, but under the radar, without the cooperation or protection of law enforcement or intelligence agencies. So, we shouldn't make assumptions, but it wouldn't be out of the realms of possibility that this was a Russian-based gang.
KHALIL: Can I just add on that, Pete...
STEFANOVIC: Pete, yeah.
KHALIL: That that website that you're referring to... Pete, yeah. That website that you're referring to. I think it's called Reveal or something like that...
STEFANOVIC: Yeah, it is. Yeah…
KHALIL: Apparently. Yeah. Apparently, the Russian authorities sort of tried to shut it down a while back, but obviously, since the war, maybe they've got a bit lax...
STEFANOVIC: Yeah, they're back again.
KHALIL: It's been busier. So, but as James said, you can't, you don't know, you can't ascribe yet because there's not enough...
STEFANOVIC: Yeah, and I tell you, like, given the war, I mean, we don't have much of a relationship with the Russkies at the moment too, do we? So that makes any kind of negotiation with them very, very difficult. We've only got a minute left guys. I do want to ask you about IR. Pete, start with you here. Why not just split the bill to appease opponents who say it's being rushed?
KHALIL: Okay, so I've heard you asked this question a number of times. We've made a commitment to get wages moving and the IR reforms that we're putting in place through the parliament, the change the laws are all about closing the gender pay gap, improving work conditions and boosting bargaining, making bargaining work again to get wages moving. Now I know people, people in the Senate like Senator Pocock, and by the way, we've actually in good faith negotiated some amendments as well. One of the amendments is to allow individual workforces a vote so if they don't want to be part, if the majority of workers in that individual workforce don't want to be part of the multi-employer agreement, they don't, they can opt out. So, we've done that in good faith. But here's the point. You know, I don't, I mean, I'm pretty sure Senator Pocock, for example, knows that the average income in Canberra is pretty high. It's higher than anywhere else in Australia I think, and it's a lot higher than the average income in my electorate in the northern suburbs of Melbourne where there are low and middle income earners who have a real need to get wages moving and this is how we do it, especially ahead of Christmas. So, we think it's important to get these laws and get these laws changed and get these wages moving.
STEFANOVIC: Okay. And final one here to you, James. I mean, Pete pointed to a few amendments there. Does that make it any more or less palatable for you?
PATERSON: This is now an embarrassing farce for the Albanese government. They've announced multiple amendments to their own government bill before it's even been voted on in the parliament. And this is all a result of them trying to jam it through the parliament in just a couple of weeks and not giving the Senate adequate time to consider this. It would have been possible had they allowed a Senate committee proper, normal amount of time to scrutinise these bills that it could have passed with the consent of the crossbenchers. But instead, they've offended everyone in the Senate by trying to ram this through and protect it from scrutiny. The truth is, we all know this is just about restoring union power. This is what the Labor Party is here to do, and it's very dangerous for our economy in the uncertain time we are going into. It will lead to more strikes. It will lead to more unlawful activity, particularly in the building industry, with their decision to abolish the Australian Building and Construction Commission. And when we've got inflation running as high as it is already, it's hard to see how this is going to help anyone, particularly people in small business.
STEFANOVIC: Gentlemen, we are out of time. I don't even have time for you to respond. You’ve got 15 seconds, Pete, 15 seconds. Go.
STEFANOVIC: Well, well, I thought James liked the fact that democracy works where you can negotiate in good faith with Senators like himself in the Senate to improve bills. And we did so in good faith, and we've come up with some amendments. And no, they're still blocks on pattern bargaining. There's still elements in the bill, obviously, to guard against protracted strike. So, I reject what he has said, which is it sounds a bit partisan to me.
STEFANOVIC: All right, Peter Khalil, James Paterson, good to have you with us. Appreciate that. Thank you. We'll talk to you again next week.
ENDS
