
Ransom malware hits Australia as 30 businesses attacked

Locks up critical files, blackmails victims for key


The 2012 epidemic of ransom malware appears to have turned even nastier with reports that as many as 30 Australian businesses have now asked police for help coping with attacks in a matter of days.

According to local news, police in the state of Queensland have received reports from a dozen businesses, while many others are believed to have chosen to keep incidents to themselves.

Businesses affected included those in the medical, entertainment, retail and insurance sectors, the news source said, with several dozen affected in total.

In one recent incident, a business in the Northern Territories reportedly paid an AUD $3,000 (about £2,000) ransom via Western Union to get back access to important financial records, including credit card data and debtor invoices. The attackers demanded the money within seven days or the sum would increase by AUD $1,000 per week.

Worryingly, this attack used 256-bit encryption, to all intents and purposes impossible to crack if the key has not been exposed during the attack.

"A lot of businesses can't afford the interruptions to their trade and will pay straight away," detective superintendent Brian Hay of Queensland’s fraud and corporate crime group told press.

As well as being encrypted, data could also be stolen during such attacks for use in other types of fraud, he said. The attackers infected users through compromised websites by targeting common software flaws.

Ransom malware has become a serious issue during 2012, although its effect on businesses is rarely recorded. Most of the data that has become public has been in the form of police warnings based on attacks against consumers.

Most attacks simply attempt to engineer users into believing their files are encrypted when they are not or make more general threats, often to report victims to national police for non-existent crimes.

The use of industrial-strength encryption is rare, although this sort of technique is actually where the form started as long ago as 2006 with a piece of malware called ‘Cryzip.’

In August, the FBI said it had been “inundated” with ransom malware reports from consumers, not long after the UK’s Police Central e-Crime Unit (PCeU) publicised an identical spate of attacks that had affected over a thousand PCs in the UK.

In the past the few security companies that have investigated the issue have pinned the blame on a single cabal of Russian criminals that seem able to operate with impunity. Now the same tactics appear to have spread to gangs in nearby countries such as the Ukraine and Romania.

The suspicion is that some security vendors say little about the problem because not only is their software unable to stop infections but they can’t always unlock the files after the fact either.


