Assistance Defence Minister Andrew Hastie has launched a new cybersecurity campaign to focus on ransomware after it became one of the most significant cyber threats that Australians and Australian businesses face in the past year.
Ransomware is where cybercriminals use malicious software to deny access to files and devices, then demand the victim to pay a ransom in return for access.
“The Australian Signals Directorate has used, and will continue to use, its broad range of offensive cyber capabilities to disrupt and bring cybercriminal syndicates targeting Australia to their knees,” Hastie said. “Offensive cyber is just one of the tools in Australia’s toolkit.”
Hastie encourages all individuals and businesses affected by ransomware attacks to report their incidents to the Australian Cyber Security Centre (ACSC), which uses the information to learn, warn, and protect others from attacks.
“The ACSC provides vital advice and assistance to defend Australian businesses and individuals against ransomware and brings together the Australian Signals Directorate’s intelligence, offensive cyber and cybersecurity capabilities to defend Australia’s interests from malicious cyber actors.
“The ACSC takes the information it learns from cyberattacks against Australian businesses and uses it to warn and protect further Australian organisations from being targeted,” Hastie said.
Last financial year, the ACSC found that a cybercrime had been reported every ten minutes approximately. The most common cybercrime reported was fraud.
“While the numbers show that fraud is the most common category, the ACSC assesses ransomware as the highest threat,” ACSC said in its report (pdf). “This assessment is based on the fact that ransomware requires minimal technical expertise, is low cost, and can result in significant impact to an organisation, potentially crippling core business functions.”
ACSC recommends that you do not pay the ransom if you are a victim of such an attack because there is “no guarantee” that paying up would fix the problems.
The warnings from Hastie and the ACSC comes weeks after meatworks giant JBS suffered a major cyberattack that left workers out of pocket and shut down operations globally.
“This was a very difficult decision to make for our company and for me personally,” he said. “However, we felt this decision had to be made to prevent any potential risk for our customers.”
Nogueira said the FBI had called the group behind the attack “one of the most specialized and sophisticated cybercriminal groups in the world.”
It is speculated that a Russian-based hacking group is behind the incident.
Hastie recommends that businesses, no matter how large or small, need to implement protective measures to make it more difficult for cybercriminals to harm them.
“Prevention is better than cure, and with cybersecurity, the best offence is often a strong defence,” Hastie said.