Cyber Security News

Cybersecurity authorities release joint advisory against ransomware

Eliza Sayon Feb 10, 2022

2 min read

With ransomware continuing to be a global threat, the ACSC and cyber security partners from the US and UK have released a joint advisory calling out the increase in sophisticated, high impact ransomware attacks directed at organisations in Australia and globally.

Cybersecurity authorities across the three countries have noticed behaviours and trends that cyber criminals were committing in the last year.

It was found that cyber criminals were gaining more access to online networks by phishing, stealing Remote Desktop Protocols (RDP) credentials and exploiting the network’s vulnerabilities.

These methods are likely to remain popular for cyber criminals because of the increased use of remote work and schooling, which expanded the remote attack surface and left network defenders struggling to keep pace with routine software patching.

Cybersecurity authorities have also found that the market for ransomware became increasingly “professional” last year, where the criminal business model of ransomware became well established.

Aside from the increased use of ransomware-as-a-service (RaaS), ransomware threat actors have been employing independent services to negotiate payments, assist victims with making payments, and arbitrate payment disputes between themselves and other cyber criminals.

NCSC-UK observed that some ransomware threat actors even offered their victims the services of a 24/7 help centre to expedite ransom payment and restoration of encrypted systems or data.

The joint advisory from the three countries’ cybersecurity authorities provided essential guidance for organisations and individuals to strengthen their defences against these critical ransomware threats.

Assistant Minister for Defence Andrew Hastie said ransomware could cripple computer systems that Australian individuals and organisations rely on by encrypting files and blocking access and making vital data inaccessible.

“Australia is one of the most secure places to connect online, yet this advisory warns us that we cannot be complacent. We need to be vigilant in updating devices and securing our networks, our businesses and homes,” Assistant Minister Hastie said.

“The Prime Minister in 2020 warned that post-COVID our world will be more dangerous, and more disorderly. We are seeing that playing out with authoritarian governments threatening conflict to achieve political aims – the rise of cybercrime and grey zone tactics like ransomware attacks are now a feature of our current security landscape.”

In last year’s ACSC Annual Cyber Threat Report, the Australian government highlighted that ransomware remains the most serious cyber crime threat due to its financial and disruptive impacts.

With the joint advisory, respective cyber agencies are striking back at the cyber criminals who are seeking to employ ransomware and extort individuals, businesses, and governments.

Ransomware related cybercrime reports to the ACSC rose almost 15 per cent in the 2020-21 financial year, as cyber criminals’ methods evolved to both steal data and threaten its public release as a means to extort considerable ransoms.

Source: Assistant Minister for Defence Media Release

Eliza Sayon

Website | + posts

Eliza is a content producer and editor at Public Spectrum. She is an experienced writer on topics related to the government and to the public, as well as stories that uplift and improve the community.