Cyber security expert warns ransomware attack could happen in Australia

15 May 2017

While Australia may have avoided most of the effects of this week's global ransomware attack that crippled vital operations around the world, including Britain's public health system and Germany's federal railway system, a Deakin University cyber security expert has warned it could still happen here.

Professor Yang Xiang, Director of Deakin’s Centre for Cyber Security Research, said Australians needed to take urgent steps to protect their digital data.

“No country in the world is immune to these kinds of large-scale cyber-attacks,” Professor Xiang said.

“A wide range of Australian industries, particularly those that haven’t paid attention to keeping their cyber security systems up to date - such as the health and mining sectors - could be susceptible to this and future attacks.”

“To prevent this happening at the individual level, it’s vital that people update all of the security patches and anti-virus programs on each computer,” Professor Xiang said.

“The ransomware only targets specific operating systems and is not affecting Apple iOS systems yet, so your iPad and iPhone are safe for now, but I would certainly recommend updating operating systems to the latest version.

“It’s a little trickier for businesses as they have larger networks to protect. At the infrastructure level, network administrators would be working around the clock to filter out malicious traffic and this is something that staff at the organisational level should be doing, too.”

Professor Xiang said that ransomware had existed for a long time but this was the first time the world had seen such a large-scale attack.

“Ransomware attacks are not unprecedented but the sheer scale of this particular attack has rattled many sectors around the world,” Professor Xiang said.

“It’s a timely reminder that we need to be constantly alert and thinking about how we can protect important sectors that rely on personal data, like hospitals – sectors where compromised security and a lack of access to data can literally put lives at risk.”

Professor Xiang said that anyone affected by the ransomware should seek help and advice from security professionals.

“Unlocking files can be a difficult process which is certainly best left to professionals,” Professor Xiang said.

“Most of all, as tempting as it may be with your data at stake, I would strongly recommend against paying the ransom. It’s not ethical and it just helps criminals to grow their industry while also encouraging copycat attacks.”

Professor Xiang said the high levels of global awareness of the ransomware attack may help to prevent a second wave of attacks.

“While it would be quite easy for the ransomware owners to rewrite the virus for a second attack, I think that the criminals have already hit their targets,” Professor Xiang said.

“The world-wide publicity means that people are on alert and – hopefully – have taken steps to update the security and anti-virus measures on their computers, which would dramatically reduce the number of people who would be vulnerable to a second wave.”

Professor Xiang said the search for the instigators of the ransomware attack would be difficult and time-consuming.

“The person or persons who did this are clearly highly organised professionals who have created very sophisticated software,” Professor Xiang said.

“The mechanics of payment for the ransom requests mean that any ransom payments are converted to Bitcoin, which is very difficult to trace back to the people who initiate such attacks.”

Media release School of Information Technology