CIO

The Week In Security: NDB report shows Australian companies losing the cybercrime fight

It was perhaps eerily appropriate that, during the week of the Commonwealth Games, records were falling both at the venues and in the world of cybersecurity.

Details of Australia’s largest-ever DDoS attack, for example, were revealed.

Under Armour, parent company of the MyFitnessPal fitness app, was urging calm after a data breach compromised a massive 150 million accounts.

Yet it was the first local report by the Office of the Australian Information Commissioner (OAIC), which shared details of the performance of the new notifiable data breaches (NDB) scheme, that perhaps raised the most eyebrows.

Australian companies reported nearly 2 data breaches every day during the scheme’s first 5 weeks in effect, with healthcare companies particularly vulnerable.

The figures confirmed that the real volume of data breaches was well above the levels reported in the past. This corroborated the dismal picture painted in Verizon’s latest Data Breach Investigations Report (DBIR), which found that cyber criminals are still running rings around the people who are supposedly protecting corporate data.

Facebook founder Mark Zuckerberg fronted the US Congress to explain his company’s loss of sensitive customer data, even as the company launched a $40,000 bounty for reports of data abuse.

Coinciding with that scandal has been a push to bolster cloud companies’ Australian data-centre operations, with operators pushing their data-sovereignty offerings.

The UK government was stepping up its fight against dark-web abuse, with a £9m ($A15.5m) injection to ramp up its crime-fighting capabilities.

The UK’s GCHQ also offered guidance on cybersecurity protections, outlining the 6 levels of cyber attack and offering advice to help companies respond.

Meanwhile, cybercriminals were flocking to leverage the critical Flash Player flaw that was revealed in February.