Dodging bullet is not good enough
Craig Davies: Time to wipe the sweat from the brow and review your cyber defences
The global cyber attack that hit more than 200,000 computers across 150 countries last weekend should serve as a wake-up call for the Australian businesses and government agencies that have “dodged a bullet”, politicians and experts have said.
Beginning late on Friday Australia time, malware known as WannaCrypt emerged and rapidly spread across the UK and around Europe. The virus took control of users' files and demanded a payment in bitcoin to restore access to them.
The attack exploited a flaw in Microsoft Windows that was first identified by US intelligence agencies, and for which Microsoft issued a security patch in March this year.
The ransomware crippled hospitals, doctors' surgeries and pharmacies in the UK, before being temporarily halted by a UK security researcher who accidentally activated the kill switch by registering a new domain.
According to Minister Assisting the Prime Minister on Cyber Security Dan Tehan, a handful of Australian businesses have been hit in the attack.
Australian Cyber Security Growth Network CEO Craig Davies said that while ransomware is a constant risk, the weekend attack was unique in its ability to spread rapidly.
“The tough thing for Australian businesses is that the difference with this one to many other malwares is they’ve got propagation capability using the weakness that was patched a little while ago. You have an attack and it then finds a way to propagate itself, making it a little more challenging,” Mr Davies told InnovationAus.com.
Australia was likely spared the worst of the attack due to time zones. It first hit when many local businesses were closed for the weekend.
Australian businesses and government departments have “dodged a bullet” this time, but should evaluate cyber security practices and ensure everything is up to date, Mr Davies said.
“Hopefully this will incentivise a number of them to find ways to solve this problem. If it’s not this, it’s something else. It all boils down to good operational practices,” he said.
“Australian businesses need to step back, take a look and say, ‘we’ve dodged a bullet now, but where are we at?’ We need to take these things as an opportunity. We’ve dodged a bullet so let’s review where we’re at. If it’s not this, it’ll be something else,” he said.
“We should never waste a good crisis. What a great time for all Australian businesses to do a sanity check - are we organised should this happen to us? Do we know where our data is? Is everything up to date? Because maybe next time we won’t be as lucky.”
This is a sentiment shared by Microsoft president Brad Smith, who issued a scathing blog post on the recent cyberattack and the US government's role in it.
“The governments of the world should treat this attack as a wake-up call. They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world,” Mr Smith said.
He said governments, tech companies and customers need to work together to protect against further cyberattacks.
“More action is needed, and it’s needed now. This attack demonstrates the degree to which cybersecurity has become a shared responsibility between tech companies and customers. As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems,” Mr Smith said.
Mr Tehan said the recent global cyberattack is “absolutely a wake-up call”.
“People have to be aware that the impact of ransomware at the moment on the Australian economy each year we estimate conservatively at around a billion dollars. We have seen an attack across Europe in particular which has increased at the scale of these events. We haven’t seen the like of this before but ransomware is occurring here in Australia,” he said.
The Australian Cyber Security Growth Network will now be actively working with Australian businesses to shore up their internal security to prevent further attacks, Mr Davies said.
“This is an ongoing battle for corporates. They know they have to keep up to date, but they run such an arsenal of products that updating can be really tough. This is an opportunity to improve something, and that’s what we stand ready to do,” he said.