Cybersecurity experts have warned Australia will remain vulnerable to a devastating ransomware attack until a higher standard of online protection is consistent across major services such as hospitals.
Ransomware is a form of malware that encrypts a victim’s files before the attacker demands a ransom from the victim to restore access to the data.
It has become an online criminal enterprise worth billions of dollars globally, seen most notably in a ransomware attack last week that shut down the Colonial Pipeline for six days.
The Colonial Pipeline runs oil 8850km from Texas to New Jersey and is arguably the most important oil pipe in the US, with its shutdown causing panic buying and chaos on the east coast.
CNN reported Colonial Pipeline had paid ransom to the cyber criminal group responsible for the attack as it sought to retrieve stolen information, but the amount was not known.
Suelette Dreyfus, a lecturer in computing and information systems at Melbourne University, said a similar incident in Australia was not out of the question.
Dreyfus said major services and organisations had room for improvement in cybersecurity, especially with COVID-19 and working from home dramatically increasing the amount of time Australians spend online.
“Australian organisations have been upping their cybersecurity recently, but until the country reaches a high standard across the board, there is potential for a successful attack to cause disruption of services,” she told NCA NewsWire.
Luis Corrons, an online expert at global security firm Avast, said ransomware attacks had the potential to cripple industries globally.
“We have seen a ransomware attack become a global epidemic, when in May 2017 the WannaCry ransomware spread, supposedly infecting over 200,000 PCs around the world, with harms estimated at hundreds of millions, or billions, of dollars,” he said.
“WannaCry was so successful, as it spread as a worm by abusing the existing Windows vulnerability MS17-010 that many businesses and consumers hadn’t patched.
“It’s realistic that a ransomware epidemic like in 2017 could happen again, with an even worse impact than WannaCry if a threat is created with wormlike capacities.”
Corrons said hospitals were prime targets in Australia, especially after an attack on aged and disability care provider UnitingCare Queensland last month.
The April 26 attack by the Sodinokibi/REvil ransomware gang rendered many IT systems used by hospitals and aged care facilities run by the group inoperable.
“Hospitals and health companies, public service organisations, universities and large industrial organisations could be vulnerable, and the past months we have already seen attacks of this type, for example on healthcare institutions like UnitingCare Queensland or the NSW State Transit Authority,” Corrons said.
“Attacks on such organisations show that cybercrime is no longer just impacting the digital world but public life.
“The major threat nowadays is the profitability of current ransomware attacks. The millions of dollars they are making are attracting more cybercriminal gangs to it; these attacks are targeting all kinds of businesses in different industries all around the world.”
Dreyfus encouraged Australian organisations and businesses to step up their level of cybersecurity.
“(Cybersecurity may be overwhelming) but actually, just doing a handful of pretty simple improvements will get you 80 per cent of the way there,” she said.
“That’s especially true for businesses, who have so much to lose if they lose their data.”