EDITOR’S QUESTION
JAMIE HUMPHREY, MD A/NZ AT
CLOUD DATA MANAGEMENT
COMPANY, RUBRIK
Q + A + Q + A + Q + A + Q + A + Q + A + Q + A + Q + A +
Rather than face losing weeks of production,
many might simply bite the bullet and pay
the ransom to have their data restored.
Paying attackers to restore data, however,
is a huge gamble. In fact, the Federal
Government’s Australian Signals Directorate
explicitly recommends against it.
As production line processes are
increasingly automated and datadriven,
Australian manufacturers
have become a favorite target of
ransomware attackers as these processes
can only work with stable and consistent
access to data.
As data is the lifeblood of many
manufacturers, this makes the industry very
attractive to ransomware groups.
A number of Australian manufacturers have
fallen victim this year alone. BlueScope’s
Australian manufacturing operations were
impacted due to a ransomware attack, as
were those of beverage giant Lions who
warned of beer shortages while they fought
to return operations to normal. Further, the
logistics processes of Toll Group ground
to a halt in the wake of two consecutive
ransomware attacks earlier this year.
In a ransomware attack, hackers aim to
trick an employee into opening a malicious
email that executes a piece of malware
which encrypts as much of a business’ data
as it can. The attackers then demand the
business pays a ransom, typically in bitcoin
or another cryptocurrency, in order to
retrieve their files.
These types of attacks are extremely popular
because they require little specialized
knowledge (complete, ready-to-go
Ransomware- as-a-Service kits are easily
available on the Deep and Dark Web),
they have debilitating consequences for
the victim, and – as the recent breaches
highlight – they’re often successful.
In fact, according to a new report,
ransomware attacks are estimated to have
cost Australian businesses up to $240 million
in 2019 alone.
Although there is no ‘silver bullet’ to protect
against falling victim to ransomware, there
are strategies to ensure the disruption
to business in the event of an attack is
minimized. Foremost among them is
restoring operations from back-up data.
Maintaining frequent back-ups is
recommended by both the Australian
Cybersecurity Center and the Australian
Signals Directorate as a way to guard
against ransomware attacks. The more often
critical data is backed up, the easier it is to
restore operations from a point in time just
prior to the infection.
In other words, with a comprehensive backup
strategy, businesses can simply turn back
the clock and continue production as if the
attack never occurred. The more frequently
data snapshots are taken, the quicker
services can return to normal.
In 2017 and 18 we saw WannaCry and
NotPetya sweep the globe. Last year
ransomware attacks took hospitals across
Victoria offline. This year, multiple Australian
businesses have been crippled and 2020
became the year we accepted ransomware
was the new normal. Every company must
accept this new status quo and establish a
ransomware remediation framework to be
better prepared ahead of a breach.
34 INTELLIGENTCIO www.intelligentcio.com