Ransomware Attacks Threaten Business & Expose Data
The threat of ransomware attacks on Australian businesses should not be underestimated. Ransomware, a type of malware, is a growing and serious cyber threat to
Australian businesses which has appeared particularly acute during the COVID-19 pandemic with the shift to remote working. Beverage company Lion and logistics company Toll are two examples of Australian companies targeted in ransomware attacks this year which have had varied but noteworthy ramifications.
JACK DANIEL’S MAKER SUFFERS REvil RANSOMWARE ATTACK
Brown-Forman, one of the largest U.S. companies in the spirits and wine business and manufacturer of Jack Daniel’s and Finlandia, has suffered a cyber-attack. The intruders allegedly copied 1TB of confidential data and plan on selling the most important information to the highest bidder and leak the rest.
Sodinokibi (REvil) ransomware operators announced on August 14 that they had compromised Brown-Forman’s computer network and spent more than a month examining user services, cloud data storage and general structure. Following the incursion, the attackers claim they stole 1TB of data that includes confidential information about employees, company agreements, contracts, financial statements, and internal correspondence. Although Brown-Forman detected the attack and intervened before any data could be encrypted, the data the hackers stole is now being used as leverage to extort payment from the company.
CARNIVAL ATTACKED BY RANSOMWARE
Cruise operator Carnival Corp said on Monday, August 17, it launched an investigation into a ransomware attack on one of its brand’s information technology systems. The ransomware was allegedly detected on August 15.
The cruise line operator said in a filing to the U.S. Securities and Exchange Commission (SEC) “the unauthorized (sic) access also included the download of certain of our data files,” the cruise line operator stated in their filing”. The company did not identify the brand that was affected and declined to provide more details, as the investigation process was at an early stage.
The filing also noted that the company does not assess there to be any material impact on the business, operations or financial results. While the unauthorised access of personal data of guests and employees may result in potential claims against the company.
The enduring risk of ransomware must be accounted for in your organisation’s cyber security policies and procedures. The target choice may be a matter of opportunity or based on a likelihood of payment. Keeping operating systems updated, installing antivirus software and backing up files are important defences while a clear procedure which details urgent actions to be taken in the event of such a cyber-incident must be clearly defined while consideration around your organisation’s ability to respond to such an incident within a changed working model is essential.