- Exclusive
- National
- WA
- Cyber security
This was published 5 months ago
Perth’s Harry Perkins medical research institute under cyber-attack
Hackers claim they’ve published a mountain of data stolen from Perth’s Harry Perkins Institute of Medical Research after the centre refused to pay a ransom.
A ransomware group known as Medusa says the 4.6-terabyte data drop includes vision from internal security cameras and is now freely available on the dark web.
The Harry Perkins Institute has hired a cyber forensics team which has confirmed the theft but not the publication. A spokesperson telling WAtoday patient data, research information and data of donors and supporters of the institute were not stolen.
“We remain committed to protecting the information of all of our donors, researchers, staff and partners and we apologise for any inconvenience that this incident may have caused,” they said.
The Medusa group demanded a ransom of more than $700,000 and gave the Harry Perkins Institute a deadline via a countdown clock on its dark web blog. Time ran out on Friday, which is when the group claims it published the data.
“Our ongoing investigation identified evidence that indicates a subset of files has been taken from this system,” the Institute spokesperson said.
“We are now aware of a claim that this information has been published online by an unauthorised third party. We are urgently investigating this claim and the nature and extent of the published files.”
Curtin University cyber-security expert Associate Professor Mihai Lazarescu says cyber-crime such as this is on the rise and can be more lucrative than selling drugs.
“[This theft] invites more scrutiny, so if this group managed to get video feeds and other information, there will be others wondering, ‘What else can we get?’” he said.
Lazarescu said hackers targeted high-profile organisations to market themselves as guns-for-hire in the world of cyber crime and when it came to the frequency of attacks, the public only heard about the “tip of the iceberg”.
“People need to understand crime is being commoditised; you have groups that are quite happy to pay people with particular skills to develop malware and you deploy the malware, either ransomware or to get more information,” he said.
The Harry Perkins Institute has informed the Australian Cyber Security Centre and WA Police.
9 News Perth