Ransomware ‘on the rise’
Amid fears thousands of Australian servers hit by massive China attack, a new report says businesses aren’t doing enough.
Amid growing fears thousands of Australian businesses have been caught up in a massive China ransomware attack, a new joint report from Home Affairs Minister Peter Dutton and Telstra chief executive Andy Penn has found 62 per cent of Australian businesses have experienced a cyber-security attack — a figure that’s on the rise.
The report — Locked out: Tackling the ransomware threat, released on Wednesday — highlights ransomware as one of Australia’s fastest growing threats given businesses spend an increasing amount of time participating in the digital economy.
Poor cyber-security hygiene and the proliferation of cryptocurrencies like bitcoin and ethereum are also making ransomware more difficult to tackle, given they’re impossible to trace.
“Protecting your organisation and your customers is the digital equivalent of locking your front door at night,” Mr Penn, the chair of the federal government’s cyber security advisory committee, said on Wednesday.
“There are countless businesses attacked every day in Australia and, in some cases, those victims could have prevented or minimised the financial loss and emotional impact they faced through the use of simple cyber-security controls and employee education.
“This paper is an important contribution to helping Australian businesses understand the risks of ransomware and prepare accordingly by drawing from the committee’s diverse experience.”
The report makes several recommendations relating to email security, multi-factor authentication, software updates, training, backups, data life cycle management and built-in security features.
“Cyber criminals continue to see Australian businesses as an attractive target and ransomware is a particularly disruptive form of cyber attack that can have devastating impacts,” Mr Dutton said.
“The good news is that many ransomware attacks can be avoided by implementing basic cyber security controls and I urge businesses to take the time to review the advisory committee’s advice.”
He said the government had committed $1.67bn to its 2020 cyber-security strategy, including $89.9m to hire 100 cyber detectives within the Australian Federal Police.
It comes amid a massive China Microsoft hack, with an estimated 7000 Australian servers affected by an Exchange email and calendar vulnerability.
Amid fears 7000 servers in Australia and more than 30,000 in the US are affected by the threat, the Australian Cyber Security Centre on Tuesday urged the Morrison government and the states to urgently “patch” their email networks and protect them from state actors who sought to make use of the Microsoft vulnerabilities.
Microsoft has warned users of its Outlook email app that hackers may have been able to monitor and steal emails and install spying tools on computers.
A Chinese Foreign Ministry spokesman in the past week has denied Beijing had any involvement in the hacking.
Avast security analyst Ladislav Zazula said that, when exploited by cyberattackers, the vulnerability can lead to the computer being wiped, ransomware or backdoors being installed, and all email addresses and messages being stolen, as well as the attack spreading to the entire company’s network.
“The attackers can get access to the Exchange server of any company that has not patched it; from there, they can get access to all the information stored in the server,” Mr Zazula said.
“So it is highly advisable that all companies deploy a patch to their Exchange platform immediately, perhaps even update the rest of the software products including anti-malware solutions.”