• Chinese espionage: ‘They’ve targeted Australia’
• Aussie hacker mum uses ‘spidey sense’ to catch cyber crims

Between July 12-14, more than 2000 messages were sent to firms confirming their “orders” had been processed but a link to the fake goods contained a virus that locked them out of their own company files.

The crime group then demanded $3400 be paid within 48 hours via a bitcoin account or QR code to unlock and decrypt their own company files. Just how many companies fell for the latest mass attack was unclear.

The email lure to hold firms to ransom include clickable files with headings including “Payment Notification”, “Transaction for your invoice”, “Overdue payment”, “Paid Invoices”, “Sales Invoice”, “Status update”, “Document needed”, “New Order”, “Receipt for your invoice”.

Leading cyber security company Proofpoint said yesterday the ransomware campaign was launched by a well known hacking group known as TA547, identified as targeting Australian emails since November 2017.

They said the group typically distributed high volume email campaigns consisting of hundreds of thousands or even millions of messages targeting all industries but notably construction, transportation, entertainment and media, aerospace and manufacturing.

Australia’s cyber cop, the Australian Signal Directorate’s Australian Cyber Security Centre (ACSC), has declined to comment.

It comes as Australian companies being fleeced of $1 million a day are calling in their own “white hat’’ hackers to fight off cyber attacks, as State-sponsored cyber criminals largely from China and Russia steal secrets, identities and money at unprecedented levels.

Steph Jensen is one of just a dozen female ethical hackers who is at the frontline of Australia’s cyber war, testing the security of Australian IT systems to repel hackers targeting banks, telecommunication and energy companies and government departments.

A security consultant with Australian company CyberCX, Ms Jensen said she was employed to “hack stuff’’ for clients, meaning she tests their IT systems for flaws and vulnerabilities that malicious hackers could exploit.

It can take anywhere from an hour to days to break through a company’s security systems.

“I had a gig a little while ago that was a huge energy company and I only had three days to break in,” she told News Corp Australia.

“That took me like two days to get in, and that was something I would assume would be secure but it really wasn’t.’’

With 500,000 cyber attacks a day, Defence has classified cyberspace as the fifth column “war fighting domain,” – on equal footing with land, sea, air and space.

That means any future militarised conflict is expected to have a hostile cyber dimension to specifically cripple infrastructure, erode confidence in banking and health systems and generally destabilise society.

More than half the businesses in Australia now encounter some form of cyber assault “incident” but most don’t report, it to avoid embarrassment, admission of system weakness or loss of shareholder support.

While reported losses are almost $1 million a day, authorities suspect the true loss figure could be as high as $24 million a day.

An internal report from the Federal Government’s lead agency combating the cyber assault, the Australian Cyber Security Centre (ACSC) has warned the country was in the midst of a cyber war on multiple levels that could have a “a significant impact on our security, our economy and our way of life”.

The Australian Signals Directorate, which houses the ACSC, has identified at least six primary protagonist groups sponsored by nation States, including four from China, where by day outsourced hired hackers attempt to steal intelligence from government agencies, policy and national infrastructure and by night use the same methods and online tools to steal money and identities.

According to the ACSC, 150 cyber attacks were self-reported every day through its new cybercrime reporting portal since July last year, with companies reporting average losses of $915,000 a day.

But it suspects that is just the tip of the cyber crime iceberg, and the true economic loss could be as high as $29 billion a year – or 1.9 per cent of Australia’s GDP.

Economic loss for a company of 500 employees is estimated at $35 million per breach.

Last year the ACSC received more than 4500 appeals for cyber security help.

Malware is malicious software, which hackers use to get unauthorised access to computers and systems. It is often introduced into a system after an employee unknowingly downloads it in an email attachment. It can then be used to steal data, encrypt and ransom files, mimic legitimate communications, or disable and destroy systems.

Defence chiefs have been looking at a whole-of-government and community response to cyber warfare, where the nation is prepped for a disinformation campaign to the point an adversary would look to manipulate search engine optimisation to erode confidence in systems to cause fear and panic.

A public-private counter-influence strategy by authorities in Sweden and Finland and a government-run program in New Zealand have formed part of the review.

Prime Minister Scott Morrison’s unexpected cyber warning earlier this month was the start of a Defence strategy to create shared understanding of vulnerabilities, the threats and resilience required to respond”.

Australia’s cyber tsar Alastair MacGibbon said cyber security failure was “one of the great existential threats we face as a society,’’ and warned people could die as a result.

“Pretty much everything we do now is facilitated by connected technologies. Whether it’s our electricity generation and transmission, our transport, our water, our hospital and medical systems, everything, our banking and finance,’’ he said.

“When you start degrading those systems, when they fail, through criminal or egregious nation-state acts, there will be loss of life.

“If a criminal locks up a vital medical system and through ransomware or some other form of garden (variety) criminal activity. A patient could die and invariably a patient will die.’’

WE’RE NOT READY

Neither the government nor the private sector are adequately prepared for a full-scale cyber war, with Australia “asleep at the wheel” to the ever growing threat, UNSW Canberra Cyber Centre director Nigel Phair warned yesterday.

He said countries like China wanted to acquiesce other nations, to test how robust their systems are for potential later disruption, while thieves were planting viruses by the day to steal money and identities.

“The attacks have always been there but they have become more volumetric, stealthier and payloads and outcomes from them are much harsher so it was signalling to places like China, to all tiers of the business community and those who don’t get it,” Mr Phair said of the Federal Government $1.3 billion investment and plan to hire 500 new cyber spies.

“There have been so many company directors asleep at the wheel when it comes to managing cyber risk, just look at the litany of reports, big brands you’d think would know better and would have the bench strength to invest in information security.”

The calling out State actor nation hackers, such as China, as the Prime Minister Scott Morrison did last month in announcing record funding for the cyber sector was important.

“We have had enough, and we are now calling it out because of the volume and there are diplomacy and trade issues but we need to be leaders in this, we are a G20 nation and we have advanced detection capabilities and advanced offensive capabilities. The difference is we use international norms and the rules of the road before we do anything. But it is state craft by other jurisdictions, it is warfare, planes and ships yes, but cyber is an aspect of that campaign, making for interesting times that we live in … and we nowhere near prepared.”

Originally published as Cyber criminals demand cash in attack on Australian businesses