According to a recent cybersecurity report, at least seven other companies in Australia are among those affected by the JBS Meat ransomware attack. The cybercriminal group REvil acknowledged responsibility and went ahead to post a list of other affected companies.
The list includes:
The ransomware that facilitated the attack on these organisations was reportedly created by the ransomware-as-a-service provider known as Pinchy Spider. In the current digitized environment, cybercriminals are enjoying a great time, and the service is making it easy for threat actors to deploy such costly attacks.
According to a recent Forbes report, the global increase in cyberattacks like ransomware results from the ease and affordability of launching such attacks. It's now easier than ever to access off the shelf malware, and anyone can become a cybercriminal provided they have something in their cryptocurrency wallet.
The most common approach used by threat actors to access company systems and deploy ransomware attacks is malicious emails with infected links or attachments that unsuspecting employees may click on and unknowingly initiate attacks. They may send the emails to targeted persons in specific organisations or millions of potential victims.
Once the threat is initiated, the attacker will then inform the organisation that their data is encrypted and must pay promptly to access the decryption key. The payments are primarily in cryptocurrency form to shield the threat actor's identity. If you fail to pay within an initial period, they may shamelessly increase the ransom and threaten to delete or sell your data.
These arrangements don't have good faith negotiations, so there's no guarantee that the criminal will help you decrypt the data after payment.
Usually, ransomware contains extraction capabilities that make it easy for criminals to access and steal critical data like log-in credentials. As a result, stopping the attack can be a serious business, and the government has already initiated the proper steps to curb the menace.
The Security of Critical Infrastructure Act 2018 will be helpful in this area. Once passed, the law will require different organisations to report any ongoing and current cyber incidents to the government, allowing it to create a consolidated picture of the attacks' nature and activity level.
But before the legislation comes into effect, you must implement the correct best practices to secure your systems from ransomware and deter threat actors.
Ransomware can be deployed in different forms, and the implications vary. So there's no standard procedure used by business to ward off criminals. Fortunately, the following primary steps will help protect your business from ransomware attacks:
CyberUnlocked is your trusted Australian-based cybersecurity partner with all the technology and expertise to help you navigate the murky waters. Speak to us to discover our comprehensive cybersecurity services.
CyberUnlocked acknowledges the Traditional Custodians of Country throughout Australia and their ongoing connection to land, waters and community. We pay our respects to Elders, past, present and emerging.