You are using an older browser version. Please use a supported version for the best MSN experience.

Cyber attacks on Australian businesses on the rise but experts not blaming state actors

ABC NEWS logo ABC NEWS 15/05/2020 By political reporter Stephanie Borys
a close up of a red wall: Experts say cyber attacks are becoming more sophisticated. (Unsplash: Taskin Ashiq) © Provided by ABC Business Experts say cyber attacks are becoming more sophisticated. (Unsplash: Taskin Ashiq)

It used to be a business needed a lock on its door and a CCTV camera to protect against criminals, now experts say they need to invest in security they cannot see.

The humble keyboard has been used to wreak havoc on a handful of organisations recently and cyber experts are warning the number of victims will continue to rise.

BlueScope and MyBudget are the latest to confirm they have been subjected to a cyber attack, following Toll Group and Services New South Wales being hit.

At this stage, there are no clear links between the attacks, but ransomware appears to be a common theme.

As the name suggests, attackers steal data and lock it up so victims cannot access it, or attackers prevent a person from using a computer unless they pay a ransom.

Tom Uren, a cyber expert at the Australian Strategic Policy Institute, said attacks using ransomware are happening more often and businesses needed to beef up their security.

"There are a number of different criminal groups who specialise in that type of operation and I think it's unlikely they are connected," he said.

Criminals are becoming more sophisticated with hacking into systems and cyber experts have long called for business owners to turn their focus to online safeguards.

"The way these gangs operate is they try and price it so it's cheaper to pay the ransom than it is to try and fix things."

Online attacks have real-world implications

A cyber attack has forced BlueScope to change how it operates, with the company pausing some of its processes and reverting to manual operations.

It's yet to outline how it was attacked but says it is working to protect and restore systems.

Mr Uren said the reason Australians are hearing about more cyber attacks is because they are impacting day to day operations.

"In times past, data used to get stolen and companies would not report that because they didn't feel like it was material to their share price and I think what's happening now is that when there is a disruption to manufacturing they have no choice but to report it if they are publicly listed," he said.

Toll has been targeted twice this year by ransomware and has been working with the Australian Cyber Security Centre (ACSC).

A ransomware tool known as Mailto was used to launch the first attack, where hackers are believed to have used phishing emails to get into the system.

The company was hacked again this month involving ransomware known as Nefilim, forcing Toll to shut down certain IT systems as it tries to rectify the problem.

Data has been stolen and the attacker has threatened to publish the details if cash is not exchanged.

"It's interesting to think whether they are now an organisation where the sharks have smelt blood," Mr Uren said. 

"I don't know how much they spent to fix their systems after the first incident but either they have not been quick enough or haven't done enough to fix the problem for good."

Toll Group managing director Thomas Knudsen said cybercrime poses an existential threat for organisations of all sizes.

"It makes it more important than ever for business, regulators and government to adopt a united effort in combatting the very real risk it presents the wider community," he said in a statement.

Ransomware has also resulted in money management company MyBudget being forced to shut its system temporarily.

While Service New South Wales has alerted police and federal cyber security agencies after hackers accessed the email accounts of workers and stole customer information.

It is not yet known whether a state actor or criminal group is responsible.

Cyber attacks during COVID-19

Most large-scale cyber attacks on businesses in Australia in recent months have been linked to criminals rather than state actors.

But there has also been a noticeable rise in medical research and hospitals being targeted by hackers worldwide as countries research potential vaccines and treatments for COVID-19.

The Australian Cyber Security Centre has noted that "advanced persistent threat (APT) actors" have been actively targeting health sector organisations and medical research facilities and has urged the sector to beef up its security.

"It is critical that health sector organisations ensure that their networks are protected from malicious cyber actors who may seek to disrupt essential services or compromise business-critical systems," the ACSC said in a statement.

While countries are reluctant to point the finger, the FBI and Department of Homeland Security issued a rare joint statement accusing China of being behind attempts to steal intellectual property.

It is not the first time China has been accused of obtaining confidential information, with Australian universities and political databases being targeted.

More from ABC News

image beaconimage beaconimage beacon