CreatorsPublishersAdvertisers
View more in
Public Safety

Cybercriminals to face new offences as ransomware attacks grow in Australia

The Guardian
The Guardian
 5 days ago
https://img.particlenews.com/image.php?url=3pc0Ay_0cPgWd0l00
Australian researchers say businesses are increasingly turning to shady ‘ransom brokers’ and coughing up cash that keeps the criminals going.

Cybercriminals who use ransomware will face tougher penalties as the federal government cracks down on those trying to extort Australian businesses.

The Australian Cyber Security Centre reported in September it had received more than 500 ransomware cybercrime reports in 2020-21, an increase of 15%. Cyber ransoms had grown to become “one of the most significant threats to Australian organisations”, the report found.

In ransomware attacks, criminals hack into and take a company’s data, and hold it hostage until a ransom is paid.

The home affairs minister, Karen Andrews, said ransomware gangs were attacking businesses, individuals and critical infrastructure.

“Stealing and holding private and personal information for ransom costs victims time and money, interrupting lives and the operations of small businesses,” she said.

The government’s plan will introduce a new stand-alone offence for cyber extortion; a new stand-alone offence for criminals who target critical infrastructure; the criminalisation of dealing with stolen data, as a separate offence to taking the data, and the criminalisation of the buying or selling of malware for computer crimes.

The plan will also update legislation so “cybercriminals won’t be able to realise and benefit from their ill-gotten gains”, with more powers for law enforcement to freeze financial transactions.

Companies with turnovers of more than $10m a year who are hit by ransomware will also be forced to report the incident.

This week, the Cyber Security Cooperative Research Centre outlined how, in the panicky aftermath of a cyber ransom demand, Australian businesses are increasingly turning to shady “ransom brokers” and coughing up cash that keeps the criminals going.

The centre wants to starve out those cybercriminals – to “make them go hungry”.

Sign up to receive the top stories from Guardian Australia every morning

Rachael Falk, the CEO of the research centre, said cyber insurance was a burgeoning industry in Australia and that insurance companies often used third-party brokers to negotiate and pay the ransom, usually in bitcoin.

Once a company discovered it had been hacked and had data stolen, it needed someone to engage with the cybercriminal.

“If you’re insured and covered for cyber extortion, the company will want to get involved …. they then shepherd you,” Falk said.

“They go through these third-party brokers who work in the shadows. We don’t know a lot about them. They negotiate the price. They won’t give away much but we know that they probably know who the more reputable cybercriminals are.”

Such brokers always existed in the real world, Falk said, dealing with kidnap situations. But now they were working in the online world, where ransomware was rife and demands for payment for the safe return of stolen data was booming.

https://img.particlenews.com/image.php?url=3dSuq5_0cPgWd0l00

The centre’s new report – titled Underwritten or oversold? How cyber insurance can hinder (or help) cybersecurity in Australia – argues that the cyber insurance industry lacks transparency. Often it includes exclusions for “losses occurring as the result of an act of terror or war” but can be vague about what that means.

It also often includes coverage for extortion and ransom payments, which serves “to feed the criminal enterprise of ransomware gangs, especially those that prey on insured organisations”.

“We want to make Australia a harder [place to] target,” Falk said.

“Paying the ransom is just feeding the food chain of the cybercriminals. It’s like the police paying the robbers to get your furniture back.”

Falk said the smarter move by businesses was to better protect their businesses and to back up data so they could get back up and running. There was an additional option for extortion if the hackers had uncovered embarrassing information, or were threatening to publish clients’ private details, she warned.

The federal government’s new plan to tackle ransomware gangs says the government “does not condone the payment of ransoms to cybercriminals”. “There is no guarantee that the payment will lead to your data being recovered, that the data won’t be on-sold, or that you will not be attacked again,” the report said.

Comments / 0

Related
Daily Mail

Australia to introduce a raft of new cyber laws with companies forced to report cyber attacks - here is everything you need to know

Australian companies would be forced to report ransomware attacks and new cyber offences would be created under a federal government overhaul. Home Affairs Minister Karen Andrews has flagged new stand alone offences including for cyber extortion and the targeting of critical infrastructure. Dealing with stolen data knowingly obtained in the...
PUBLIC SAFETY
HackRead

Ransomware gang behind attacks on 100+ companies busted

Law enforcement authorities managed to seize millions in cryptocurrency and luxury vehicles owned by the ransomware gang. In an international coordinated operation, law enforcement authorities in Europe have arrested two suspects in Ukraine accused of running a ransomware gang that was behind large-scale attacks on more than 100 companies around the world.
PUBLIC SAFETY
Dark Reading

Rapid RYUK Ransomware Attack Group Christened as FIN12

Its ransomware targets are big, averaging $6 billion in revenue. It deploys ransomware more rapidly than most groups, within 2.5 days. Healthcare organizations are among its main targets. This prolific ransomware gang - best known for dropping the RYUK flavor of extortion malware and now given the cybercrime group designation of FIN12 by Mandiant - is connected to some 20% of all ransomware attacks that Mandiant has investigated in the past year.
PUBLIC SAFETY
BBC

Engineering firm Weir hit by major ransomware attack

One of Scotland's biggest engineering firms has been hit by a hack of its IT systems, costing it millions of pounds. The ransomware attack on Glasgow-based Weir took place last month, forcing it to shut down some operations. In a statement, the mining equipment firm said it had reacted quickly...
PUBLIC SAFETY
RELATED PEOPLE
Person
Karen Andrews
agdaily.com

Ag auction network is victim of weekend ransomware attack

Over the weekend, another agriculture company was the victim of a ransomware attack. Recently, the food supply chain has been a major target of these types of attacks. Sandhills Global, which operates many agriculture trade and auction websites, announced its online operations were disrupted by the attack. The Nebraska-based company operates several affected websites: According to the Journal Star, Sandhills Global websites that are no longer accessible include Truck Paper, TractorHouse, AuctionTime, Machinery Trader, ForestryTrader, HiBid, RentalYard, Motorsports Universe, CraneTrader, MarketBook, RV Universe, Oil Field Trader, Aircraft, LiveStockMarket, Controller, and Aircraft.com.
AGRICULTURE
techxplore.com

Israeli hospital targeted in ransomware attack

An Israeli hospital was targeted Wednesday by a ransomware attack, officials said, with the state's cyber directorate calling it the first such attack on a hospital in the country. The Hillel Yaffe Medical Center is "currently using alternative systems to treat its patients", it said in a statement, describing the...
WORLD
financemagnates.com

Australia to Impose ‘Harsher’ Penalties for Ransomware Gangs

The Australian government has introduced a set of rulings that seek to punish with stricter penalties for ransomware attackers. According to the Ransomware Action Plan issued by Australia, the measures come in response to the rising trend of such kinds of cyberattacks in the country, which had led to gangs profiting over $10 million yearly.
PUBLIC SAFETY
IN THIS ARTICLE
#Cyberattack#Offences#Ransomware#Australian#Guardian Australia
coingeek.com

Australia’s new ransomware plan to allow freezing, seizure of digital currencies

As ransomware attacks continue to wreak havoc globally, Australia has come up with a plan to combat the crime. Dubbed the Ransomware Action Plan, it sets out a comprehensive government strategy to target criminals behind the vice, including through new criminal charges and allowing authorities to seize digital currencies linked with ransomware payments.
PUBLIC SAFETY
Light Reading

Sinclair hit by ransomware attack

Sinclair Broadcast Group, a company that owns or operates 185 TV stations in 86 markets, was victimized by a ransomware attack over the weekend. The company, which also operates several regional sports networks, said it has identified that some of its servers and workstations were encrypted with ransomware that, in turn, disrupted a portion of Sinclair's office and operational networks.
PUBLIC SAFETY
Forbes

The Evolution Of Ransomware: Blocking Sophisticated 5th Generation Attacks

Jonathan Fischbein is the Chief Information Security Officer at Check Point Software Technologies. Over the last decade, ransomware attacks have not only increased in frequency but also in sophistication. Because victims are willing to pay, more threat actors have joined this growing field, bringing innovation, creativity and more sophisticated attack methods, from ransomware-as-a-service to triple extortion.
CELL PHONES
beckershospitalreview.com

Ransomware attacks and patient mortality: 8 things to know

Report findings and a current lawsuit allege that ransomware attacks and patient outcomes have a direct link. A team from the Cybersecurity and Infrastructure Security Agency launched a study to determine if there is a link between ransomware attacks and patient deaths. Early CISA findings suggest that once an area had a certain percentage of intensive care unit beds filled, it was more likely to see excess deaths two to six weeks later — known as the inflection point.
PUBLIC SAFETY
YOU MAY ALSO LIKE
NewsBreak
Bitcoin
NewsBreak
Public Safety
Country
Australia
inforisktoday.com

FIN12 Ransomware Attacks Aggressively Targeting Healthcare

An aggressive, financially motivated Russian-speaking threat actor group that deploys the Ryuk variant ransomware, leverages Trickbot initial access brokers, and generally skips double-extortion attempts in favor of fast and higher payout ransoms has been predominately targeting the healthcare sector, warns a report from security firm Mandiant. Dubbed FIN12, the threat...
PUBLIC SAFETY
fox10phoenix.com

30 countries pledge ‘shared response’ to ransomware attacks

WASHINGTON - Just as the Biden administration hoped when it scheduled this month’s 30-nation meeting on ransomware and cyber security, the attendees have resolved to fight the issue together. The White House facilitated meetings on Wednesday and Thursday that brought together representatives from countries on every continent. These countries released...
U.S. POLITICS
bleepingcomputer.com

Ransomware operators behind hundreds of attacks arrested in Ukraine

Europol has announced the arrest of two men in Ukraine, said to be members of a prolific ransomware operation that extorted victims with ransom demands ranging between €5 to €70 million. Two arrests in Ukraine. The international law enforcement operation was conducted in coordination with the FBI, the French police...
PUBLIC SAFETY
bizjournals

Could your company recover from a ransomware attack?

Ransomware attacks in North America rose by 158% between 2019 and 2020, according to cybersecurity firm SonicWall’s 2021 report. For many people, ransomware attacks really hit home when the May 2021 Colonial Pipeline ransomware attack brought fuel shortages to the East Coast — and when the June 2021 JBS meat company attack shut down nine beef plants, causing a nationwide meat shortage. Combined, these two companies paid $16 million in ransom to recover their businesses, and those were just the direct costs paid to the hackers, according to reports from CNBC and WSJ. In addition, each company spent millions more in the recovery and restoration of their business systems.
PUBLIC SAFETY
PennLive.com

Ransomware attack hinders central Pa. newspaper

Ransomware extortionists are to blame for a cyber-attack that continues to hinder a Lancaster County publisher’s ability to print a complete newspaper. LancasterOnline is reporting the “significant criminal act” reported earlier this month on Steinman Communications was a ransomware attack, demanding the news organization pay an undisclosed amount of money to unlock files critical to the printing of their daily LNP paper and its weekly papers.
PENNSYLVANIA STATE
The Guardian

The Guardian

34K+
Followers
22K+
Post
8M+
Views
ABOUT

Read the latest news stories, opinion pieces, sports coverage and cultural highlights from The Guardian's award-winning writers

 https://www.theguardian.com

Comments / 0

Community Policy