1 00:00:05,200 --> 00:00:08,039 Speaker 1: From The Australian. Here's what's on the front. I'm Claire Harvey. 2 00:00:08,119 --> 00:00:13,960 Speaker 1: It's Wednesday, April nineth, twenty twenty five, and for now 3 00:00:14,000 --> 00:00:16,600 Speaker 1: Benezi and Peter Dutton have faced off in the first 4 00:00:16,720 --> 00:00:21,640 Speaker 1: debate of this election campaign, a clash that inevitably turned fiery. 5 00:00:22,480 --> 00:00:25,720 Speaker 2: In the twenty fourteen budget, thirty b and dollars was 6 00:00:25,760 --> 00:00:29,080 Speaker 2: repped out of public schools. In that budget, fifty b 7 00:00:29,200 --> 00:00:32,239 Speaker 2: and dollars was repped out of hospitals. That is not 8 00:00:32,360 --> 00:00:37,000 Speaker 2: the factually correct statement. It's misleading, it's designed to scare people, 9 00:00:37,360 --> 00:00:39,400 Speaker 2: and I think it's dishonest from a man who wants 10 00:00:39,440 --> 00:00:42,280 Speaker 2: to be re elected as the Prime minister of our country. 11 00:00:42,840 --> 00:00:45,920 Speaker 2: In forty years, there has not been a higher spending 12 00:00:45,960 --> 00:00:47,880 Speaker 2: government than your government. Is that correct? 13 00:00:47,960 --> 00:00:49,680 Speaker 3: Well, that's not true, except for the one that you 14 00:00:49,720 --> 00:00:50,400 Speaker 3: were a part of. 15 00:00:52,320 --> 00:00:56,480 Speaker 1: The Greens are pitching their campaign at Australia's seven million renters, 16 00:00:56,800 --> 00:00:59,280 Speaker 1: with leader Adam Bandt at the Press Club on Wednesday 17 00:00:59,520 --> 00:01:03,000 Speaker 1: to demand capital gains, tax breaks and negative gearing be 18 00:01:03,240 --> 00:01:08,520 Speaker 1: axed and a freeze on rent increases. All the latest 19 00:01:08,600 --> 00:01:12,360 Speaker 1: from the campaign and our experts analysis is live now 20 00:01:12,440 --> 00:01:17,840 Speaker 1: at the Australian dot com dot au. Australian super has 21 00:01:18,040 --> 00:01:21,200 Speaker 1: finally called in the police to investigate a hack that 22 00:01:21,360 --> 00:01:25,119 Speaker 1: saw four hundred and six thousand dollars drained from an 23 00:01:25,160 --> 00:01:30,119 Speaker 1: elderly customer's superannuation account. But the scandal has revealed huge 24 00:01:30,200 --> 00:01:34,520 Speaker 1: holes in superfund's ability to keep our money away from criminals, 25 00:01:34,959 --> 00:01:37,640 Speaker 1: or even to allow us to log into their websites 26 00:01:37,720 --> 00:01:41,160 Speaker 1: to find out how much money we have left today? 27 00:01:41,600 --> 00:01:50,279 Speaker 1: Is our money safe in super? Towards the end of March, 28 00:01:50,320 --> 00:01:54,120 Speaker 1: a seventy four year old Queensland woman received some correspondence 29 00:01:54,200 --> 00:01:59,440 Speaker 1: from her superannuation fund. We'll call her Joan. Australian super 30 00:01:59,560 --> 00:02:03,360 Speaker 1: was writing to Joan, it said, to confirm withdrawals made 31 00:02:03,360 --> 00:02:07,920 Speaker 1: from her account a week earlier. That's odd, Joan hadn't 32 00:02:08,000 --> 00:02:11,640 Speaker 1: made any withdrawals, much less for one hundred thousand dollars 33 00:02:11,720 --> 00:02:15,640 Speaker 1: at a time, and it wasn't just one. Joan realized 34 00:02:15,680 --> 00:02:19,720 Speaker 1: with increasing horror that six withdrawals totaling four hundred and 35 00:02:19,800 --> 00:02:23,480 Speaker 1: six thousand dollars had been made from her super over 36 00:02:23,480 --> 00:02:26,799 Speaker 1: the space of a week. When she alerted the superfund 37 00:02:26,840 --> 00:02:30,720 Speaker 1: to the fraud, she expected a swift response, but for 38 00:02:30,919 --> 00:02:35,679 Speaker 1: ten agonizing days. It was crickets. The fund failed to 39 00:02:35,760 --> 00:02:38,760 Speaker 1: raise the incident with the Commonwealth Bank and didn't commit 40 00:02:38,840 --> 00:02:42,639 Speaker 1: to covering the loss until The Australian's Business reporter Cleoner 41 00:02:42,639 --> 00:02:47,760 Speaker 1: O'Dowd started asking questions almost three weeks after the attack began. 42 00:02:48,639 --> 00:02:52,000 Speaker 1: And Joan's not the only one caught up in this mess. 43 00:02:53,880 --> 00:02:58,639 Speaker 4: Several Australian superannuation funds have been targeted by cyber criminals. 44 00:02:59,040 --> 00:03:03,600 Speaker 4: It's caused panic and frustration for thousands of members who've 45 00:03:03,600 --> 00:03:07,720 Speaker 4: been unable to check whether their nest egg has been impacted. 46 00:03:11,400 --> 00:03:15,160 Speaker 1: Jared Lynch is The Australian's Technology editor. The story of 47 00:03:15,320 --> 00:03:18,639 Speaker 1: Joan and her loss of four hundred and six thousand 48 00:03:18,639 --> 00:03:22,200 Speaker 1: dollars from her superfund is just staggering. And what does 49 00:03:22,240 --> 00:03:24,720 Speaker 1: that tell us about the safety of all of our funds. 50 00:03:25,840 --> 00:03:29,320 Speaker 3: It tells us that our safety is expendable and can 51 00:03:29,440 --> 00:03:33,760 Speaker 3: be cracked within seconds by anyone who's got the will 52 00:03:33,760 --> 00:03:35,960 Speaker 3: to be able to do that. How they've been able 53 00:03:36,000 --> 00:03:38,920 Speaker 3: to get in the hackers is that they've got a 54 00:03:38,920 --> 00:03:42,160 Speaker 3: heap of people's usernames. They've ever tried to get a 55 00:03:42,160 --> 00:03:44,920 Speaker 3: heap of passwords from the dark web, from previous breaches 56 00:03:45,040 --> 00:03:47,000 Speaker 3: or they have done what's called a brute force attack, 57 00:03:47,360 --> 00:03:50,480 Speaker 3: which is to keep guessing, scrambling, guessing until you're getting 58 00:03:50,560 --> 00:03:53,600 Speaker 3: through the door. And because there's no multi factor of 59 00:03:53,680 --> 00:03:57,640 Speaker 3: authentication which means you get a notification on your phone 60 00:03:57,720 --> 00:04:00,600 Speaker 3: or through a third party app to verify yourself, that 61 00:04:00,680 --> 00:04:02,720 Speaker 3: means that they can walk straight in through the door 62 00:04:03,040 --> 00:04:04,800 Speaker 3: and do what they like with your account. 63 00:04:06,400 --> 00:04:08,960 Speaker 1: How big is this jared compared to other hacks that 64 00:04:09,000 --> 00:04:12,120 Speaker 1: we've seen of major companies like, for example, OPTAs. 65 00:04:12,280 --> 00:04:15,720 Speaker 3: Australia super would love to compare it to OPTAs, saying 66 00:04:15,760 --> 00:04:17,880 Speaker 3: that well, they had the data of nine and a 67 00:04:17,880 --> 00:04:21,119 Speaker 3: half million Australian stolen. We've only had a very small 68 00:04:21,160 --> 00:04:23,800 Speaker 3: problem here and that of course has been the problem 69 00:04:23,800 --> 00:04:25,880 Speaker 3: with the super funds, which is why they've been so 70 00:04:26,080 --> 00:04:28,800 Speaker 3: laxed when it comes to cybersecurity. And I'm not saying this. 71 00:04:29,240 --> 00:04:32,240 Speaker 3: The Australian Securities and Investments Commission is saying this. They 72 00:04:32,320 --> 00:04:35,320 Speaker 3: set it back in January saying that your weak online 73 00:04:35,360 --> 00:04:39,240 Speaker 3: security is exposing your members to scams. Do something about it. 74 00:04:39,520 --> 00:04:42,919 Speaker 3: And rather than doing something about it, the Association of 75 00:04:42,960 --> 00:04:48,240 Speaker 3: Super Funds Off Australia CEO said, you're raising unnecessary alarm. 76 00:04:48,680 --> 00:04:52,240 Speaker 3: Super funds are the safest places in Australia to put 77 00:04:52,279 --> 00:04:56,160 Speaker 3: your money. So nothing happened and as a result we've 78 00:04:56,200 --> 00:04:59,640 Speaker 3: now seen this huge cyber attack because they thought, well 79 00:04:59,720 --> 00:05:02,920 Speaker 3: it's only a little problem. Well little problems can turn 80 00:05:03,360 --> 00:05:06,520 Speaker 3: into big problems. To paraphrase Paul Kelly, from little things, 81 00:05:06,520 --> 00:05:09,200 Speaker 3: big things grow and that is indeed what is happening. 82 00:05:11,560 --> 00:05:14,359 Speaker 1: Four super funds were targeted by cyber criminals in the 83 00:05:14,400 --> 00:05:20,279 Speaker 1: coordinated attack, Australian Super, Australian Retirement Trust HOST Plus and 84 00:05:20,520 --> 00:05:25,760 Speaker 1: REST the retail employee's superannuation trust. They manage almost a 85 00:05:25,880 --> 00:05:29,320 Speaker 1: trillion dollars in retirement savings on behalf of thousands of 86 00:05:29,360 --> 00:05:34,360 Speaker 1: Australians like Joan, who's one of four Australian supercustomers confirmed 87 00:05:34,440 --> 00:05:37,880 Speaker 1: to have lost money in the hack. Australian Super is 88 00:05:37,920 --> 00:05:40,960 Speaker 1: still combing through the six hundred accounts that were breached, 89 00:05:41,320 --> 00:05:46,000 Speaker 1: while other funds scramble to reassure their anxious customers. 90 00:05:47,839 --> 00:05:53,160 Speaker 5: No suspicious transactions or changes have been detected on member accounts. 91 00:05:53,600 --> 00:05:57,120 Speaker 2: We recognize how frustrating this can be and sincerely appreciate 92 00:05:57,160 --> 00:06:01,360 Speaker 2: your patience. An unusually high spe can log in attempts. 93 00:06:02,240 --> 00:06:04,480 Speaker 1: We are experiencing a high volume of calls to our 94 00:06:04,480 --> 00:06:07,680 Speaker 1: contact center, resulting in a longer than normal wait time. 95 00:06:09,160 --> 00:06:12,200 Speaker 1: So Jared, now we get to the mystery of why 96 00:06:12,279 --> 00:06:15,960 Speaker 1: police weren't involved right from the beginning. What are you 97 00:06:16,040 --> 00:06:19,680 Speaker 1: hearing now from Australian super about if or when the 98 00:06:19,680 --> 00:06:20,640 Speaker 1: police were called. 99 00:06:22,080 --> 00:06:24,560 Speaker 3: Well, the good news is that they have contact a 100 00:06:24,640 --> 00:06:27,080 Speaker 3: Metaday to say that we have reported it to the AFP. 101 00:06:27,240 --> 00:06:30,480 Speaker 3: Five days after the hackers struck they decided to call 102 00:06:30,520 --> 00:06:33,599 Speaker 3: in the coppers and that was only because probably that 103 00:06:33,680 --> 00:06:35,680 Speaker 3: we did a front page story saying they hadn't called 104 00:06:35,720 --> 00:06:39,000 Speaker 3: the AFP, who, of course, are the federal agency tasks 105 00:06:39,040 --> 00:06:42,880 Speaker 3: with investigating such crimes, because as we all know, they're 106 00:06:42,880 --> 00:06:44,919 Speaker 3: the ones that we're able to track down the Russian 107 00:06:44,960 --> 00:06:47,760 Speaker 3: hacker that was responsible for the medibank attack back in 108 00:06:47,839 --> 00:06:48,520 Speaker 3: late twenty two. 109 00:06:49,839 --> 00:06:54,479 Speaker 5: The AFP is undertaking covert measures and working around the 110 00:06:54,480 --> 00:06:59,359 Speaker 5: clock with our domestic agencies and our international networks, including 111 00:06:59,400 --> 00:07:04,840 Speaker 5: into POL. This is important because we believe those responsible 112 00:07:04,880 --> 00:07:08,760 Speaker 5: for the breach are in Russia. 113 00:07:08,960 --> 00:07:10,880 Speaker 3: Super funds, a lot of them, not all of them, 114 00:07:10,880 --> 00:07:13,080 Speaker 3: but a lot of them are regulated by the Australian 115 00:07:13,080 --> 00:07:18,240 Speaker 3: Prudential Regulatory Authority, and when these sort of hacks happen, 116 00:07:18,880 --> 00:07:21,600 Speaker 3: APROA do a review and if they have found that 117 00:07:21,680 --> 00:07:26,160 Speaker 3: your cyber defenses are inadequate or weak, then they can 118 00:07:26,200 --> 00:07:28,640 Speaker 3: impose pretty harsh penalties, which is what they did with 119 00:07:28,720 --> 00:07:32,360 Speaker 3: Medibank after their attack, and the same thing can happen here. 120 00:07:32,960 --> 00:07:35,840 Speaker 3: The problem is we don't know what that is until 121 00:07:35,840 --> 00:07:39,360 Speaker 3: probably potentially weeks or even months after the event, until 122 00:07:40,000 --> 00:07:43,000 Speaker 3: the forensic analysis has been done. APRA comes in and 123 00:07:43,040 --> 00:07:46,480 Speaker 3: does their investigation, and all that is very poor comfort 124 00:07:46,480 --> 00:07:49,400 Speaker 3: to members who the reason why they're with an industry 125 00:07:49,440 --> 00:07:51,800 Speaker 3: super fun to begin with is they're there to profit members, 126 00:07:51,840 --> 00:07:55,960 Speaker 3: not themselves, and any fines are taken from the member's 127 00:07:56,040 --> 00:07:58,240 Speaker 3: pot of money. So they're up in arms say, well, 128 00:07:58,400 --> 00:08:01,120 Speaker 3: what point is it to find the super funds. That's 129 00:08:01,160 --> 00:08:04,000 Speaker 3: my money that you're taking away, and I've already been 130 00:08:04,320 --> 00:08:06,840 Speaker 3: hit with this cyber attack, so it's almost like punishing 131 00:08:06,880 --> 00:08:07,880 Speaker 3: the victims of crime. 132 00:08:08,680 --> 00:08:11,440 Speaker 1: The other big threat to Australian superbalances right now is 133 00:08:11,520 --> 00:08:15,360 Speaker 1: Donald Trump and his Liberation Day tariffs, which are draining 134 00:08:15,400 --> 00:08:18,680 Speaker 1: money out of all our superbalances day to day. That's 135 00:08:18,800 --> 00:08:22,200 Speaker 1: why hundreds of thousands of Australians are wanting to log 136 00:08:22,280 --> 00:08:25,200 Speaker 1: on and look at their superbalances to see what's going on, 137 00:08:25,320 --> 00:08:28,240 Speaker 1: to see how much money they've got left. Should the 138 00:08:28,240 --> 00:08:31,960 Speaker 1: funds have to be able to deal with that kind 139 00:08:32,000 --> 00:08:34,720 Speaker 1: of volume, Jared, Surely it's not out of the realm 140 00:08:34,720 --> 00:08:38,120 Speaker 1: of consideration that everybody would want to log on all 141 00:08:38,160 --> 00:08:39,679 Speaker 1: on the one day to see if their money is 142 00:08:39,679 --> 00:08:40,120 Speaker 1: still there. 143 00:08:40,400 --> 00:08:43,520 Speaker 3: You're absolutely spot on there if they're providing a service 144 00:08:43,520 --> 00:08:45,320 Speaker 3: and they've got to make sure people access it. And 145 00:08:45,320 --> 00:08:48,440 Speaker 3: when you look at a massive geopolitical event which is 146 00:08:48,480 --> 00:08:53,120 Speaker 3: causing considerable anxiety, particularly as you approach preservation age where 147 00:08:53,160 --> 00:08:55,680 Speaker 3: you're about to draw down on that super naturally you 148 00:08:55,760 --> 00:08:58,320 Speaker 3: are going to want to check out what your balances 149 00:08:58,360 --> 00:09:02,679 Speaker 3: are etc. Also, the closer you are to preservation age, 150 00:09:03,160 --> 00:09:06,880 Speaker 3: the more vulnerable you are to scams because you're wanting 151 00:09:06,960 --> 00:09:09,520 Speaker 3: to go in logging, work out how you're going to 152 00:09:09,600 --> 00:09:12,000 Speaker 3: manage your money, etc. And that was one of the 153 00:09:12,040 --> 00:09:17,480 Speaker 3: things Acid called out that super trustees had no way 154 00:09:17,520 --> 00:09:22,800 Speaker 3: of knowing whether someone who was approaching preservation age was 155 00:09:22,880 --> 00:09:25,480 Speaker 3: being tricked and a victim of a scam. And that 156 00:09:25,600 --> 00:09:28,120 Speaker 3: was one thing that Acid called out back in January 157 00:09:28,559 --> 00:09:32,920 Speaker 3: and which their lobby group said they're be an alarmist. 158 00:09:33,000 --> 00:09:34,960 Speaker 3: There's nothing to see here. More or less. 159 00:09:38,240 --> 00:09:41,520 Speaker 1: Coming up, the super fun say they're the safest place 160 00:09:41,600 --> 00:10:02,800 Speaker 1: in the world to keep your money. Does that stack up, Jared? 161 00:10:02,960 --> 00:10:06,760 Speaker 1: Because they have so much of Australian's money under management. 162 00:10:06,880 --> 00:10:10,559 Speaker 1: Super funds are incredibly powerful as forces in our society 163 00:10:10,800 --> 00:10:13,760 Speaker 1: in terms of what they do or don't invest in, 164 00:10:14,160 --> 00:10:17,360 Speaker 1: what values they expect companies to uphold, if they're going 165 00:10:17,720 --> 00:10:21,199 Speaker 1: to give them our money. What are we seeing do 166 00:10:21,280 --> 00:10:24,160 Speaker 1: you think in the balance of the way super funds 167 00:10:24,160 --> 00:10:26,880 Speaker 1: themselves operate and expect others to operate. 168 00:10:27,840 --> 00:10:30,840 Speaker 3: So it's very much do as I say, not as 169 00:10:31,200 --> 00:10:34,439 Speaker 3: do as I do. And one of the reasons why 170 00:10:34,480 --> 00:10:38,520 Speaker 3: we haven't seen this big diversity, equity and inclusion pushback 171 00:10:39,000 --> 00:10:41,880 Speaker 3: that we've seen happen in the US is because of 172 00:10:42,080 --> 00:10:45,480 Speaker 3: Australia's super funds. Because they sit on about four trillion 173 00:10:45,520 --> 00:10:49,200 Speaker 3: dollars worth of savings and use their enormous clout to 174 00:10:49,280 --> 00:10:52,960 Speaker 3: push their own agenda onto Australia's top companies. That's just 175 00:10:53,000 --> 00:10:55,719 Speaker 3: a reality. They're sitting on the biggest pot of retirement 176 00:10:55,720 --> 00:10:58,240 Speaker 3: savings in the country and they're not afraid to flex 177 00:10:58,280 --> 00:11:02,520 Speaker 3: that financial muscle, but when it comes to their own house, 178 00:11:02,600 --> 00:11:05,160 Speaker 3: it's an absolute mess. They're saying it is one of 179 00:11:05,200 --> 00:11:07,360 Speaker 3: the safest places in the country where you can park 180 00:11:07,480 --> 00:11:10,280 Speaker 3: your money, and that is true, but what we've seen 181 00:11:10,559 --> 00:11:14,400 Speaker 3: is their corporate governance is wanting. They are a soft target. 182 00:11:14,720 --> 00:11:17,880 Speaker 3: They're sitting on trillions of dollars worth of retirement savings. 183 00:11:17,880 --> 00:11:20,840 Speaker 3: That is a huge honeypot for hackers. And if they 184 00:11:20,880 --> 00:11:24,000 Speaker 3: don't clean up their shop, make sure that they adopt 185 00:11:24,000 --> 00:11:26,640 Speaker 3: the same level of governance that they demand from the 186 00:11:26,760 --> 00:11:31,679 Speaker 3: likes of Wistech and other Australian companies, then our retirement 187 00:11:31,720 --> 00:11:35,160 Speaker 3: savings are at risk to these sort of data breaches, attacks, 188 00:11:36,040 --> 00:11:38,120 Speaker 3: you name it. They got to clean up their act. 189 00:11:40,080 --> 00:11:46,360 Speaker 1: Jared Lynch is The Australian's Technology editor. You can read 190 00:11:46,400 --> 00:11:49,560 Speaker 1: all our reporting on this hack and on the superannuation 191 00:11:49,679 --> 00:12:05,319 Speaker 1: sector right now at the Australian dot com dot au