According to a Deloitte security expert, Australia has seen a surge in the number of ransomware cyber attacks in recent months because Australian businesses are relatively soft targets compared to their counterparts in Europe and the USA.
Ransomware is malware that, once it is running on a victim’s computer, encrypts the user’s data files and then displays a message demanding payment in exchange for the key needed to decrypt them.
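The behaviour just described, a single process rewriting many user files with ciphertext and renaming them, is also what a defender can watch for on the endpoint. The Python below is an added illustration, not code from the article or from Deloitte: it runs a simple heuristic over constructed file-system events and flags any process that rewrites many distinct files with high-entropy (encrypted-looking) content or changes their extensions within a short window. The thresholds, process IDs, paths and event records are all assumed sample values.

```python
import hashlib
import math
import os
from collections import defaultdict

# Tunable heuristics (assumed values chosen for this example, not from the article)
ENTROPY_THRESHOLD = 7.0   # bits/byte; documents sit well below, ciphertext approaches 8
MIN_FILES = 5             # distinct files rewritten inside one window before alerting
WINDOW_SECONDS = 60


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte of `data`; encrypted or compressed output is close to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def _ext(path: str) -> str:
    return os.path.splitext(path)[1].lower()


def detect_mass_encryption(events, window=WINDOW_SECONDS, min_files=MIN_FILES,
                           min_entropy=ENTROPY_THRESHOLD):
    """Return {pid: count} for processes whose suspicious file activity (high-entropy
    writes or extension-changing renames) touches at least `min_files` distinct files
    within any `window` seconds. `events` are dicts with ts, pid, op, path and,
    depending on op, data (write) or new_path (rename)."""
    suspicious = defaultdict(list)  # pid -> [(ts, file identity without extension)]
    for ev in events:
        key = os.path.splitext(ev["path"])[0]
        if ev["op"] == "write" and shannon_entropy(ev.get("data", b"")) >= min_entropy:
            suspicious[ev["pid"]].append((ev["ts"], key))
        elif ev["op"] == "rename" and _ext(ev["path"]) != _ext(ev["new_path"]):
            suspicious[ev["pid"]].append((ev["ts"], key))

    alerts = {}
    for pid, hits in suspicious.items():
        hits.sort()
        best, start = 0, 0
        for end in range(len(hits)):           # sliding window over time-ordered hits
            while hits[end][0] - hits[start][0] > window:
                start += 1
            best = max(best, len({k for _, k in hits[start:end + 1]}))
        if best >= min_files:
            alerts[pid] = best
    return alerts


def _pseudo_random(seed: bytes, size: int) -> bytes:
    """Deterministic high-entropy bytes (a sha256 chain) standing in for ciphertext."""
    out, block = bytearray(), seed
    while len(out) < size:
        block = hashlib.sha256(block).digest()
        out += block
    return bytes(out[:size])


def sample_events():
    """Constructed telemetry (not real captures): one encryptor and two benign processes."""
    events = []
    # pid 4242: rewrites six documents with ciphertext and renames them within 30 seconds
    for i in range(6):
        path = f"/home/alice/docs/q{i}.docx"
        events.append({"ts": 100 + 5 * i, "pid": 4242, "op": "write", "path": path,
                       "data": _pseudo_random(path.encode(), 4096)})
        events.append({"ts": 101 + 5 * i, "pid": 4242, "op": "rename", "path": path,
                       "new_path": path + ".locked"})
    # pid 1001: a word processor saving plaintext (low entropy, one file)
    events.append({"ts": 110, "pid": 1001, "op": "write", "path": "/home/alice/docs/notes.txt",
                   "data": b"quarterly numbers look fine, will send on Monday\n" * 80})
    # pid 2002: a backup tool writing one compressed archive (high entropy, but one file)
    events.append({"ts": 120, "pid": 2002, "op": "write", "path": "/home/alice/backup.zip",
                   "data": _pseudo_random(b"zip", 4096)})
    return events


if __name__ == "__main__":
    print(detect_mass_encryption(sample_events()))  # only pid 4242 should be flagged
```

Counting distinct files rather than raw events is what keeps a backup job or a single archive save below the threshold while a bulk encryptor trips it; in practice the window and file-count thresholds need tuning against the normal behaviour of the host.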
“Australian businesses have seen a massive increase in attacks over the last 12 to 18 months,” James Nunn-Price, Deloitte partner and Asia Pacific cyber leader, told a press briefing in Sydney.
“I am amazed at how many organisations pay the money, because it is easier — then they wonder why they get hit again six weeks later, with another nought on the end,” he added.
Nunn-Price suggested there was a culture in Australia to “just sort it out and carry on.”
Deloitte director Mary Galligan — a former FBI cyber special agent who headed the FBI’s post-9/11 investigation — said that while individual amounts charged for decrypting were quite low, profits were massive.
“One group that was taken down by the FBI was charging only $300 to $500, but they had made $30 million the previous year,” Galligan said.
Nunn-Price said a lack of awareness of security at all levels, underinvestment in security, and a shortage of skills all contributed to making Australia, and the Asia Pacific region, a relatively soft target.
“Historically we’ve seen less investment in security in Australia than with our European and North American clients. … There are not many people with the skills to deal with cyber threats in Australia and the region, and the people who have those skills are being gobbled up by companies overseas.”
Deloitte partner, Tommy Viljoen, said there was a lack of awareness of security issues at all levels in Australian organisations.
“There needs to be far more focus on education at board level, at business level, at employee level,” Viljoen said.
“As a nation we need to get up to speed with the ‘dos’ and ‘don’ts’ of IT security. There is a serious capability gap in Australia.”
In contrast, Galligan said there was very high awareness of ransomware in the US: “A couple of things happened around the same time — the FBI and the Secret Service took down a huge ransomware group, and that got massive coverage because of the amount of money they stole. And the SEC [Securities and Exchange Commission] came out and issued fines to a company that had been a victim of ransomware. Word got about as to what a huge problem ransomware was.”
She added that Deloitte had found a solution to Cyberlocker, one of the most common ransomware tools, which it had shared openly.
The former FBI agent said that both government and non-government organisations in the US had a strong focus on cyber security.
“The National Association of Corporate Directors is really big on cyber security, so they teach all the directors, and all the directors sit on the boards of companies and start asking questions,” Galligan said. “Then you have a regulator like the SEC pushing it, and probably just as powerful as the SEC is the Federal Trade Commission, which represents consumers.”