Daily Bulletin

The Times Real Estate

.

  • Written by Roberto Musotto, Cyber Security Cooperative Research Centre Postdoctoral Fellow, Edith Cowan University
Ransomware attack on sheep farmers shows there's no room for woolly thinking in cyber security

While many Australians were preoccupied with panic-buying toilet paper, sales of another commodity encountered a very different sort of crisis.

Wool sales were severely disrupted last week by a ransomware attack on IT company Talman Software, which processes more than 75% of sales in Australia and New Zealand.

A ransomware attack is a form of cyber-extortion, involving software that encrypts all of the files on a system. In this case, cyber-criminals then demanded A$8 million to unlock the files. Talman has refused to pay and has instead built a replacement version of the software.

Read more: Ransomware attacks on cities are rising – authorities must stop paying out

Wool sales were halted for several days and hastily rescheduled, with an estimated 70,000 bales held in limbo. The industry’s turnover in a typical week is up to A$80 million, but prices may now drop as the postponed sales cause a glut in the market.

A ransomware attack on such an important sector of Australia’s economy shows how vital it is for authorities to defend markets against cyber threats. It is a matter of when, not if, these attacks will happen. There is a ransomware attack on a business every 14 seconds and by 2021 it will be every 11 seconds.

Read more: What's critical about critical infrastructure?

Diverse defences

How do we improve our resilience? One way is to avoid being too dependent on particular technologies. The wool industry already knew Talman Software’s dominant role represented a significant vulnerability.

Having a wider choice of software providers, not to mention an offline alternative, would have reduced or avoided the disruption.

Previous ransomware attacks on vital infrastructure, including last month’s attack against Toll Group, have shown the need for companies to keep their operations and IT systems separate.

We can define “operations” as the software and hardware that allow a company to keep its assets and processes working. IT systems, meanwhile, are the software and hardware that handles the company’s information and data.

Separating the two would make it harder for hackers to disrupt a company’s operations by invading its IT system. However, this would make it impossible to use IT systems to control operations remotely, which would bring its own pros and cons. Imagine a nuclear power plant – do you fit it with a remote shutdown option that could be crucial in an emergency but might also become a tempting target for hackers?

Read more: Is Australia's electricity grid vulnerable to the kind of cyber attacks taking place between Russia and the US?

Governments need to help

This issue is bigger than simply a threat to companies’ profits. Although the latest attack targeted a commercial company, it damaged the economic welfare of farmers in two countries.

Fending off future attacks shouldn’t be a job just for companies seeking to safeguard their own profits – governments need to help too.

Read more: Hackers are now targeting councils and governments, threatening to leak citizen data

Governments should have a cyber-resilience unit that supports businesses in such emergencies. They should also provide support funds for victims, and national compulsory cyber insurance to guarantee the least disruption possible.

Governments need to defend public and economic infrastructure such as transport networks, power grids and important commercial markets.

Authors: Roberto Musotto, Cyber Security Cooperative Research Centre Postdoctoral Fellow, Edith Cowan University

Read more https://theconversation.com/ransomware-attack-on-sheep-farmers-shows-theres-no-room-for-woolly-thinking-in-cyber-security-132882

Business News

Insulation Solutions for Meeting Modern Industrial Standards

As global energy costs soar and environmental regulations tighten, industries face unprecedented pressure to optimise their operations while minimising their ecological footprint. Modern industrial ...

Daily Bulletin - avatar Daily Bulletin

How Australian Startups Should Responsibly Collect, Use and Store Customer Data?

Owing to the digital landscape, data is the most important currency in the market. From giant e-commerce sharks to small businesses, every company is investing heavily to responsibly collect data an...

Daily Bulletin - avatar Daily Bulletin

Revolutionising Connections - The Power of Customer Engagement Software

As time goes by, customer expectations keep on rising ever so rapidly. Businesses that must keep pace will need future-ready tools to deliver connectedness at every touchpoint. Customer engagement a...

Daily Bulletin - avatar Daily Bulletin

LayBy Deals