Major company faces $30 million ransom demand in cyber-attack

A major international company with an office in Perth is facing a $30 million ransom demand from cyber criminals who have locked its computer system in Australia, forcing the company to stop trading.

A company official has assured Consumer Protection that the personal data of clients has not been compromised and has indicated that they won’t be paying the ransom. IT experts from a parent company in the United States are working to restore normal operations and develop a new website.

The ransomware attack which occurred on 14 February 2020 is similar to the one that affected Toll Group two weeks earlier, disrupting freight and parcel deliveries. WA ScamNet has received 68 reports of ransomware or malware attacks since 1 January 2019.

Commissioner for Consumer Protection Penny Lipscombe said businesses should be on alert about these cyber-attacks and have effective security measures in place.

“Often the ransomware is downloaded by an employee who opens an attachment in a scam email or clicks on a link, giving the cyber criminals access to the computer system,” Ms Lipscombe said.

“The system is locked by the criminals and files encrypted, followed by a ransom demand to have the system unlocked. Of course, we recommend that companies do not pay the ransom as the criminals are likely to come back asking for more money.

“Paying will also give the criminals added incentive to continue their illegal and highly disruptive practices. Instead, seek expert IT assistance to have the computer system restored.”

“All businesses should have their cyber security reviewed and updated so that they have the latest anti-virus software and firewalls installed to be protected from malware. Staff also need to be trained not to automatically open attachments or click on links in emails, especially if the sender is unknown. Even when senders are known, staff should be vigilant as accounts may have been hacked.

“Money spent on cyber security is money well spent, especially when compared to the cost of having computer systems locked and, in extreme cases, businesses not being able to operate for a considerable amount of time.”

Take measures to prevent ransomware:

  • Do not open attachments that could be infected, especially from unknown senders.
  • If in doubt about an attachment do not open it, even if it is from someone you know. Their computer or email account could have been hacked.
  • Make sure you have up-to-date anti-virus, anti-spyware and firewall software and scan your computer regularly.
  • Keep a backup copy of your data in a safe place, disconnected from your computer and the internet.
  • Only visit reputable websites and online services.

Consumer Protection’s WA ScamNet site offers scam reporting, information and tips for prevention, identifies types of scams and where to get help. The Federal Government’s StaySmartOnline site also contains advice for businesses and consumers.

/Public Release. View in full here.