A recent $30 million Perth ransomware incident and previous Toll Group hack point to more cyber attacks. Sydney businesses are advised to ramp up cyber defences.
Another major Australian corporation has been hijacked by criminals who are remanding a $30 million payment to release its digital files. The international organisation’s Perth headquarters reportedly fell victim to a ransomware attack that bears a striking resemblance to one that compromised Toll Group in early February. Australian businesses can anticipate an onslaught of ransomware schemes given the splashy headlines these recent crimes have garnered.
While the company gave assurances to Consumer Protection that personal identity data had not been stolen off by hackers, WA ScamNet warns that at least 68 significant ransomware and malware incursions have occurred dating back to 1 January 2019. The uptick in ransomware schemes in Sydney and across the country appear consistent with digital thieves’ increased use of ransomware.
“Going into 2019, CrowdStrike Intelligence anticipated that big game hunting (BGH) — targeted, criminally motivated, enterprise-wide ransomware attacks — was expected to continue at least at the 2018 pace. However, what was observed was not just a continuation but an escalation. Ransom demands grew larger. Tactics became more cutthroat,” the CrowdStrike 2020 Global Threat Report states.
According to resources such as the Digital Guardian, an estimated 184 million ransomware attacks occur annually. And while massive ransoms such as the recent Perth hack and earlier Toll Group breach make national headlines, statistics point to small, mid-sized, and large companies all being targeted on an almost pay-what-you-can basis.
What should have industry leaders gravely concerned is the fact the cybercriminals, like physical kidnappers, do not necessarily release networks or send businesses a decryption key once the ransom has been paid. It’s not uncommon for criminals to delete data to wipe away digital fingerprints or simply end communication entirely.
Preventing a bad actor from seizing control of business networks begins with employee training and enhanced cybersecurity protocols. Each of the headline-grabbing ransomware attacks has one thing in common. Someone opened a malicious email and clicked on the wrong link.
“Often the ransomware is downloaded by an employee who opens an attachment in a scam email or clicks on a link, giving the cybercriminals access to the computer system,” Commissioner for Consumer Protection Penny Lipscombe reportedly said. “The system is locked by the criminals and files encrypted, followed by a ransom demand to have the system unlocked. Of course, we recommend that companies do not pay the ransom as the criminals are likely to come back, asking for more money. Paying will also give the criminals an added incentive to continue their illegal and highly disruptive practices. Instead, seek expert IT assistance to have the computer system restored.”
Rather than pay hefty ransoms, managed IT cybersecurity consultants work with organisations to enhance workforce awareness about cybercrime tactics and how to spot malicious emails. Ongoing training tends to heighten awareness and proves to be one of the top investments a company can make. The alternative requires Bitcoin payouts and prolonged disruption.
The other side of ransomware prevention involves creating and implementing a disaster recovery strategy with a cybersecurity consultant. Such policies generally include upgrading to enterprise-level cybersecurity and backing up vital data to the Cloud and external hardware daily, among others. This strategy reduces vulnerability because it gives companies a fallback position if hacked.