Several Australian businesses have been hit by a significant ransomware attack that has quickly spread around the world.
The ransomware, known as Petya, emerged in Europe and the US last night, and the government confirmed on Wednesday night that at least two Australian businesses have been hit.
The Ukraine appears to be the worst affected so far, with major firms, airports and government departments struck in the country.
The ransomware exploits a similar vulnerability as the WannaCry attack last month, with malicious software locking a computer or its files until a ransom is paid in bitcoin.
Cadbury’s offices in Hobart have been affected by the ransomware, with a message appearing on the company’s computers demanding $300 be paid in bitcoin before the files are decrypted.
“Perhaps you are busy looking for a way to recover your files, but don’t waste your time. Nobody can recover your files without our decryption service,” the message read.
But concerns have arisen that even if the ransom is paid the files will not be decrypted because the email address included in the message has already been disabled.
While the WannaCry attack struck last month while Australian businesses were already shut down the for the weekend, the new attack is likely to be far worse for local companies.
It was initially believed that Qantas may have also been a victim of the ransomware attack, with its online booking system suffering outages on Wednesday morning. But the airline has since clarified that this was unrelated to the Petya attack.
“The intermittent outages experienced by customers are due to a hardware issue and are unrelated to the malware attack that has impacted other companies,” a Qantas statement said. “To be clear, Qantas has not been impacted by the Petya malware attack.”
Petya hit US and Europe hard. Source: Mobile Security Zone
The attack reinforces the need for governments around the world to work together on cyber security, Minister Assisting the Prime Minister for Cyber Security Dan Tehan said.
“One of the key things about addressing a ransomware attack like this is to make sure we are sharing threat information with our partners overseas, because all the information we can get on the type of threat helps us to mitigate against it here in Australia,” Tehan said.
Australian small businesses need to take “urgent actions” to improve their cyber security and install all relevant patches, Tehan said.
“If your business has been infected you should isolate the affected computer from your network to prevent the software spreading and use backup data to restore information,” he said.
“This ransomware attack is a wake-up call to all Australian businesses to regularly backup their data and install the latest security patches.”
Special advisor to the Prime Minister on Cyber Security Alastair MacGibbon said cyber attacks like this are now inevitable, and all businesses need to be taking active efforts to protect themselves.
“The WannaCry incident of a month or so ago was a wake-up call for us on how this can start impacting across networks,” MacGibbon said.
“We’ve always known this could happen. It’s just a sign again of how connected we are as a community, and we’re not going to be less connected in time, that means we need to step our efforts up to protect ourselves.”
The latest global ransomware coincided with the Western Australian government’s launch of a new digital security policy aiming to protect the public sector from cyber threats like this.
“WA avoided a serious breach last time, and the security updates put in place by government agencies should also protect against this new Petya ransomware,” State innovation and ICT minister Dave Kelly said.
“These ongoing attacks demonstrate the seriousness of the situation and the importance of ensuring WA government agencies are on the front foot in preventing successful attacks.”