On Feb. 24, Tim Watts, Australia’s Shadow Assistant Minister for Cybersecurity, has published an article in the Financial Review on Feb. 24, criticizing the country’s government for its response to the 2019 “ransomware epidemic.”
Watts states that Australia was not immune to last year’s ransomware outbreaks, citing a Victorian government regional health network that shut down their systems after becoming infected. The incident resulted in multiple surgeries being delayed.
Watts also notes that during late Jan. 2020, Melbourne-based global transport company Toll “lost the use of up to 1,000 servers in a ransomware attack,” forcing the company to implement manual processes. The shadow assistant minister added that Toll’s systems still have not fully recovered.
Watts attacks government silence
Despite the occurrences, Watts claims that the word “ransomware” has not been mentioned in Australia’s parliament in two years. He criticized Prime Minister Scott Morrison’s government for failing to spark public discourse surrounding the issue of ransomware, stating:
“There’s been no public health-style campaign. No minister has faced the media, flanked by cybersecurity experts. No minster has been sounding the alarm internally about the poor cyber resilience of government networks that have been revealed in a series of audits going back five years.”
Australia lacks a ministerial position with a direct cybersecurity portfolio
Watts further criticized the Morrison government for abolishing the ministerial position with direct responsibility for cybersecurity. He asserted that “since Scott Morrison abolished this dedicated role, there has been no one to provide the public, or, the government, with any leadership on the issue." He added:
“We need a dedicated position in government to meet challenges like ransomware — cybersecurity is too complex and too important for it not to be somebody’s day job.”
According to New Zealand-based cybersecurity company Emsisoft, 2,874 ransomware attacks targeted Australia’s public and private sectors, causing approximately $1.08 billion in damages to the country’s economy during 2019.
Monero malware targets Australian banks
On Feb. 25, the Australian Cyber Security Centre (ACSC) announced that Australian banks are being threatened by a hacking group promising Denial-of-Service (DoS) attacks unless “a sum of the Monero cryptocurrency is paid.”
Monero (XMR) is a favored cryptocurrency among darknet market and ransomware operators as transactions are anonymized using a ring-signature system that facilitates “transaction mixing” to occur. The threats have been made by email, and the ACSC has so far received “no reports of the threats eventuating in DoS.”