APRA Raises Concerns Over Cybersecurity Amid Geopolitical Tensions
In the 2025-2026 corporate plan presented by the Australian Prudential Regulation Authority (APRA), concerns regarding the impact of geopolitical tensions on cybersecurity were highlighted by APRA Chair John Lonsdale. The ongoing conflicts involving Israel in Gaza and Russia’s actions in Ukraine have been identified as potential catalysts for increased cyber threats against Australia.
Rising Vulnerabilities in Financial Systems
Lonsdale emphasized that operational systems within financial institutions are becoming increasingly susceptible to both technological disruptions and cyberattacks. He states, "The risk environment for cyber attacks could worsen further in the context of escalating geopolitical tensions." This alarming trend suggests that Australian financial services may face not only financial instability but also operational challenges due to external cyber threats.
Hacktivism Emerges as a Threat
Following Prime Minister Anthony Albanese’s decision to recognize Palestine as a state, the response from Israel has heightened tensions, prompting hacktivist groups to strike. DieNet, a distributed denial-of-service (DDoS) attack group, made headlines by claiming responsibility for attacks on both the New South Wales government job portal and the University of Western Australia. On August 19, 2025, they openly announced their DDoS operations on iworkfor.nsw.gov.au, the official job portal of the NSW government. Their actions were framed as a push for the Australian government to boycott Israel, reflecting a growing trend of politically motivated cyber activism.
DieNet issued a statement claiming their attacks were aimed at pressuring Australia to alter its foreign policy stance regarding Israel, framing their efforts as part of a broader movement against perceived complicity in global conflicts.
APRA’s Focus on Artificial Intelligence and New Risks
Lonsdale also pointed out an emerging area of concern: the rapid adoption of artificial intelligence (AI) within Australian banks and financial institutions. APRA plans to evaluate the potential risks associated with AI implementation, indicating a proactive stance towards understanding the implications of this technology on risk management.
In the first half of the fiscal year 2025-26, APRA intends to conduct supervisory evaluations with selected large institutions to assess the adequacy of their risk management practices in relation to AI. Among the concerns likely to be prioritized are job security, privacy, and the management of sensitive data in AI applications.
The Commonwealth Bank of Australia’s AI Initiatives
Australia’s largest bank, the Commonwealth Bank of Australia (CBA), has been at the forefront of AI adoption but faced significant backlash following its recent decisions. Last month, CBA announced plans to reduce its workforce by laying off at least 45 customer service employees, replacing them with AI-driven chatbot support. A representative from CBA defended the move, claiming it would enhance customer service efficiency.
However, the decision drew sharp criticism from the Finance Sector Union (FSU). FSU National Secretary Julia Angrisano expressed concerns about the bank’s strategy, accusing it of disguising job cuts as innovation. Furthermore, it was revealed that the predicted decrease in call volumes due to AI was incorrect, leading to increased workloads for remaining staff and CBA management seeking to intervene by asking team leaders to handle calls.
Impact of Union Pressure on Employment
Following mounting pressure and a dispute with the Fair Work Commission, CBA opted to roll back its mass layoff plans. Current employees have been offered the chance to either return to their positions or accept a voluntary separation payment. Angrisano characterized this as a significant achievement for workers, illustrating the power of collective action but cautioned that the battle against job cuts disguised as innovation is far from over.
Future Goals for APRA
APRA aims to address the highlighted risks and challenges through a structured approach over the next four years. Specific policy and supervisory priorities are slated to be accomplished within the next 12 to 18 months, underscoring APRA’s commitment to enhancing the resilience of Australia’s financial systems amid evolving threats in an increasingly complex global landscape.
