Posted on March 10, 2020 at 1:52 PM
Hackers Demand $30 Million Ransom from a Global Company
An Australia-based global company has been attacked recently, with the hackers demanding $30 million ransom before its system can be unlocked.
According to Consumer Protection WA, the attack on the company’s system has forced it to cease trading, although WA has kept the name of the affected international company hidden.
The company has stated that it’s not going to give in to the demands of the hackers, citing that it has employed US IT experts to build another site and block the hackers. The company, however, stated that no personal information or data of its clients was compromised as a result of the attack.
Attack similar to Toll Group attack
According to the report, the ransomware attack on the company is comparable to the attack on Toll Group two weeks ago, which disrupted parcel delivery and freight services.
Manheim, a car auction giant, is also seriously dealing with some hacking issues. As a result, it has warned customers to be wary of how they handle their personal information, including addresses, dates of birth, driver’s licenses, and other relevant personal information.
However, Manheim has announced that customers should be using specific links. A spokesman for the company said, “Manheim was subject to a malware attack designed to compromise access to our internal systems.”
The spokesman further revealed that the company will is resuming its normal services via a combination of online and in-lane only auctions.
Manheim operates in Australia and has about 145 other locations in the world. The company was a victim of malware attack last month and stated last week it was investigating the issue to find out how the incident happened.
Malware attacks on the increase
Since the beginning of last year, security outfit WA ScamNet says it has received about 68 reports of malware or ransomware attacks.
Penny Lipscombe, Commissioner for Consumer Protection, said that organizations and businesses should be completely aware of the threats posed by these malware actors, adding that a security measure should be in place to prevent or mitigate such attack.
She further pointed out that most times ransomware infiltrates a company’s system when the employee downloads the virus from links of scam emails, giving the cyber attacker access to the employee’s system.
Depending on the position or access level of the employee, the attackers can cause minor major damage to the system’s entire network through that single window, Ms. Lipsombe said.
The criminals can infiltrate the system and even block the system from the user’s access. The next stage is usually a ransom demand before unlocking the system for the user. But there is no guarantee whether the hackers would recall the systems after the ransom is paid.
Ms. Lipsombe reiterated that in the situation of an attack, the best thing to do is engage cybersecurity experts to regain control of the system instead of paying the ransom.
Those who think paying the ransom is a quicker way of regaining control would soon realize that the hackers will not stop demanding after succeeding with the first, she said.
Apart from the likelihood of the criminals coming back to request more money, it could encourage them to continue with their criminal acts and attack other companies. According to Ms. Lipsombe, the best thing to do in this situation is to get IT experts to help restore the systems.
She advised that business organizations should have their cybersecurity regularly updated and reviewed to prevent such type of attack in the future. According to her, it’s better to stay safe from attack than seek for correctional measures after an attack. No matter what security maintenance would cost, the cost of a cyber attack will even be more, she reiterated.
Auction schedule completely back
The spokesman revealed that the purpose of the attack was to compromise access to the company’s internal systems. He further said the company is apologizing to its customers for any inconveniences the attack may have caused. But the normal auction schedule is now fully back in operation