Daily BulletinDaily Bulletin

The Conversation

  • Written by Roberto Musotto, Cyber Security Cooperative Research Centre Postdoctoral Fellow, Edith Cowan University
Ransomware attack on sheep farmers shows there's no room for woolly thinking in cyber security

While many Australians were preoccupied with panic-buying toilet paper, sales of another commodity encountered a very different sort of crisis.

Wool sales were severely disrupted last week by a ransomware attack on IT company Talman Software, which processes more than 75% of sales in Australia and New Zealand.

A ransomware attack is a form of cyber-extortion, involving software that encrypts all of the files on a system. In this case, cyber-criminals then demanded A$8 million to unlock the files. Talman has refused to pay and has instead built a replacement version of the software.

Read more: Ransomware attacks on cities are rising – authorities must stop paying out

Wool sales were halted for several days and hastily rescheduled, with an estimated 70,000 bales held in limbo. The industry’s turnover in a typical week is up to A$80 million, but prices may now drop as the postponed sales cause a glut in the market.

A ransomware attack on such an important sector of Australia’s economy shows how vital it is for authorities to defend markets against cyber threats. It is a matter of when, not if, these attacks will happen. There is a ransomware attack on a business every 14 seconds and by 2021 it will be every 11 seconds.

Read more: What's critical about critical infrastructure?

Diverse defences

How do we improve our resilience? One way is to avoid being too dependent on particular technologies. The wool industry already knew Talman Software’s dominant role represented a significant vulnerability.

Having a wider choice of software providers, not to mention an offline alternative, would have reduced or avoided the disruption.

Previous ransomware attacks on vital infrastructure, including last month’s attack against Toll Group, have shown the need for companies to keep their operations and IT systems separate.

We can define “operations” as the software and hardware that allow a company to keep its assets and processes working. IT systems, meanwhile, are the software and hardware that handles the company’s information and data.

Separating the two would make it harder for hackers to disrupt a company’s operations by invading its IT system. However, this would make it impossible to use IT systems to control operations remotely, which would bring its own pros and cons. Imagine a nuclear power plant – do you fit it with a remote shutdown option that could be crucial in an emergency but might also become a tempting target for hackers?

Read more: Is Australia's electricity grid vulnerable to the kind of cyber attacks taking place between Russia and the US?

Governments need to help

This issue is bigger than simply a threat to companies’ profits. Although the latest attack targeted a commercial company, it damaged the economic welfare of farmers in two countries.

Fending off future attacks shouldn’t be a job just for companies seeking to safeguard their own profits – governments need to help too.

Read more: Hackers are now targeting councils and governments, threatening to leak citizen data

Governments should have a cyber-resilience unit that supports businesses in such emergencies. They should also provide support funds for victims, and national compulsory cyber insurance to guarantee the least disruption possible.

Governments need to defend public and economic infrastructure such as transport networks, power grids and important commercial markets.

Authors: Roberto Musotto, Cyber Security Cooperative Research Centre Postdoctoral Fellow, Edith Cowan University

Read more https://theconversation.com/ransomware-attack-on-sheep-farmers-shows-theres-no-room-for-woolly-thinking-in-cyber-security-132882

'No one would even know if I had died in my room': coronavirus leaves international students in dire straits

arrow_forward

Timing the share market is hard – just ask your super fund

arrow_forward

The Conversation
INTERWEBS DIGITAL AGENCY

Politics

Did BLM Really Change the US Police Work?

The Black Lives Matter (BLM) movement has proven that the power of the state rests in the hands of the people it governs. Following the death of 46-year-old black American George Floyd in a case of ...

a Guest Writer - avatar a Guest Writer

Scott Morrison: the right man at the right time

Australia is not at war with another nation or ideology in August 2020 but the nation is in conflict. There are serious threats from China and there are many challenges flowing from the pandemic tha...

Greg Rogers - avatar Greg Rogers

Prime Minister National Cabinet Statement

The National Cabinet met today to discuss Australia’s COVID-19 response, the Victoria outbreak, easing restrictions, helping Australians prepare to go back to work in a COVID-safe environment an...

Scott Morrison - avatar Scott Morrison

Business News

What to Expect from Your NDIS Verification & Certification Audit

The National Disability Insurance Agency administers NDIS (National Disability Insurance Scheme) in Australia. The NDIS Quality and Safeguards Commission governs it. As a welfare support scheme of...

Sarah Williams - avatar Sarah Williams

Why You May Need A Tower Scaffold Hire

When constructing a building, or even a multilevel structure, you must use a tower scaffold to get you into position. What is unique about this type of scaffolding is that you can build it highe...

News Company - avatar News Company

20 year old Aussie marketing genius helping billion dollar household brands

Australian digital marketing agency, Co Media, founded by 20 year old marketing genius Lucas Cook, is making its mark on the world stage by gaining a number of high profile clients and quickly b...

News Company - avatar News Company



News Company Media Core

Content & Technology Connecting Global Audiences

More Information - Less Opinion