It used to be that a business needed a lock on its door and a CCTV camera to protect against criminals. Now experts say businesses need to invest in security they cannot see, after a number of Australian companies were targeted by hackers.

Key points:

  • A number of Australian businesses have been the target of attacks in recent weeks
  • Cyber experts think it is “unlikely” attacks are connected
  • Increase globally of attacks on medical research and hospitals amid COVID-19 pandemic

The humble keyboard has been used to wreak havoc on a handful of organisations recently and cyber experts are warning the number of victims will continue to rise.
BlueScope and MyBudget are the latest to confirm they have been subjected to a cyber attack, following Toll Group and Service New South Wales being hit.
At this stage, there are no clear links between the attacks, but ransomware appears to be a common theme.
As the name suggests, attackers steal data and threaten to publish or use the information against the victim if they do not pay up.
Tom Uren, a cyber expert at the Australian Strategic Policy Institute, said attacks using ransomware are happening more often and businesses needed to beef up their security.
“There are a number of different criminal groups who specialise in that type of operation and I think it’s unlikely they are connected,” he said.
Criminals are becoming more sophisticated at hacking into systems, and cyber experts have long called for business owners to turn their focus to online safeguards.
“The way these gangs operate is they try and price it so it’s cheaper to pay the ransom than it is to try and fix things.”
Online attacks have real-world implications
A cyber attack has forced BlueScope to change how it operates, with the company pausing some of its processes and reverting to manual operations.
It’s yet to outline how it was attacked but says it is working to protect and restore systems.
Mr Uren said Australians are hearing about more cyber attacks because they are impacting day-to-day operations.
“In times past, data used to get stolen and companies would not report that because they didn’t feel like it was material to their share price and I think what’s happening now is that when there is a disruption to manufacturing they have no choice but to report it if they are publicly listed,” he said.
Toll has been targeted twice this year by ransomware and has been working with the Australian Cyber Security Centre (ACSC).
Ransomware, like this attack on a Cadbury computer from 2017, encrypts data and refuses to return it until a person pays to get it back. (Twitter: Leon Compton)
A ransomware tool known as Mailto was used to launch the first attack, where hackers are believed to have used phishing emails to get into the system.
The company was hacked again this month, this time with ransomware known as Nefilim, forcing Toll to shut down certain IT systems as it tries to rectify the problem.
Data has been stolen and the attacker has threatened to publish the details if cash is not exchanged.
“It’s interesting to think whether they are now an organisation where the sharks have smelt blood,” Mr Uren said.
“I don’t know how much they spent to fix their systems after the first incident but either they have not been quick enough or haven’t done enough to fix the problem for good.”
Toll Group managing director Thomas Knudsen said cybercrime poses an existential threat for organisations of all sizes.
“It makes it more important than ever for business, regulators and government to adopt a united effort in combatting the very real risk it presents the wider community,” he said in a statement.
Ransomware has also resulted in money management company MyBudget being forced to shut its system temporarily.
Meanwhile, Service New South Wales has alerted police and federal cyber security agencies after hackers accessed the email accounts of workers and stole customer information.
It is not yet known whether a state actor or criminal group is responsible.
Cyber attacks during COVID-19
Most large-scale cyber attacks on businesses in Australia in recent months have been linked to criminals rather than state actors.
But there has also been a noticeable rise in medical research and hospitals being targeted by hackers worldwide as countries research potential vaccines and treatments for COVID-19.
The Australian Cyber Security Centre has noted that “advanced persistent threat (APT) actors” have been actively targeting health sector organisations and medical research facilities and has urged the sector to beef up its security.
“It is critical that health sector organisations ensure that their networks are protected from malicious cyber actors who may seek to disrupt essential services or compromise business-critical systems,” the ACSC said in a statement.
While countries are reluctant to point the finger, the FBI and Department of Homeland Security issued a rare joint statement accusing China of being behind attempts to steal intellectual property.
It is not the first time China has been accused of obtaining confidential information, with Australian universities and political databases being targeted.