Australian Government Suffers A Widespread Ransom Attack

Uploaded on 2023-09-21 in TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW

Multiple departments and agencies of the Australian government are victims of the cyber attack. In a recent speech Air Marshal and National Cybler Security coordinator, Darren Goldie confirmed that a total 65 agencies had been caught up in the incident.

It is now reported that The Russian ransomware group ALPHV, also known as BlackCat, hacked the commercial law firm, HWL Ebsworth, that operates throughout Australia in April 2023, stealing 3.6TB of confidential data the firm held on behalf of private sector clients as well as a large number oof governmental organisations. It is these that have now been affected. 

ALPHV are the perpetrators of a large-scale ransom attack on major US Casino operators MGMGrand and Caesars Palace. 

ALPHV was one of the top three ransomware groups targeting Australia, according to a recent study by cybersecurity firm Palo Alto Networks. Goldie said that individual agencies would continue to assist affected clients and the investigations under way by the Australian federal police and Victoria police would continue that some clients of the law firm with personal information exposed in the hack have yet to be informed.

Goldie also revealed he had delayed informing the public quickly to avoid sparking anxiety in those potentially affected. He also confirmed the Australian federal police and the Department of Home Affairs were victims of the hack, while also being agencies responsible for investigating it.

When hackers exposed the passports, licenses and medical ID cards of 9.8 million current and former clients of Australian mobile-phone operator Optus last year, the company commissioned Deloitte to review what went wrong. The ALPHV group is typically paid to hack others and has been active since late 2021 and the cyber security company Sophos said the group has consistently targeted large organisations.

Ground News:   HWL Ebsworth:     CSO Online:    Bloomberg:   TEISS:   BankInfoSecurity:   Guardian

Image. Thitima Thongkham

You Might Also Read: 

Seiko Attacked By BlackCat:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Chinese Hackers Have Been Reading US Government Emails
Exploring How Generative AI Is Contributing To Cybersecurity Threats & Risks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Identity Theft Resource Center (ITRC)

Identity Theft Resource Center (ITRC)

ITRC is a non-profit organization established to empower and guide consumers, victims, business and government to minimize risk and mitigate the impact of identity compromise and crime.

Wall Street Technology Association (WSTA)

Wall Street Technology Association (WSTA)

The Wall Street Technology Association (WSTA) provides financial industry technology professionals with forums to learn from and connect with each other.

RSA Insurance Group

RSA Insurance Group

RSA is one of the world’s leading multinational quoted insurance groups. Commercial services include cyber risk insurance.

European Organisation for Security (EOS)

European Organisation for Security (EOS)

EOS represents all domains of security solutions and services.providers including ICT information and communications technologies.

EdgeWave

EdgeWave

EdgeWave provides simple but highly effective data security and advanced threat protection in solutions that are affordable, scalable and easy to use.

e-Lock

e-Lock

e-Lock services include IT security consulting and training, security systems integration, managed security and technical support.

Inter-American Cooperation Portal on Cyber-Crime

Inter-American Cooperation Portal on Cyber-Crime

The Inter-American Cooperation Portal on Cyber-Crime was created to facilitate and streamline cooperation and information exchange among government experts from OAS member states.

Cybersecurity Tech Accord

Cybersecurity Tech Accord

The Cybersecurity Tech Accord promotes a safer online world by fostering collaboration among global technology companies.

DataDome

DataDome

DataDome offers real-time AI protection against all OWASP automated threats, including credential stuffing, layer 7 DDoS attacks, SQL injection & intensive scraping.

ValidSoft

ValidSoft

ValidSoft is a security software company, providing telecommunications-based multi-factor authentication, identity and transaction verification technology.

Cypherix

Cypherix

Cypherix is tightly focused on cryptography and data security. We leverage our expertise to deliver state-of-the-art, world-class encryption software packages.

Noname Security

Noname Security

Noname Security detects and resolves API vulnerabilities and misconfigurations before they are exploited.

Zeva

Zeva

Zeva solves complex identity and encryption challenges for the federal government and corporations around the globe.

Adversa AI

Adversa AI

Adversa's mission is to build trust in AI and protect AI from cyber threats, privacy issues, and safety incidents.

Togggle

Togggle

Togggle offers seamless identity verification solutions and distributed infrastructure, enabling organizations to combat fraud and ensure compliance with data protection regulations.

ArmorX AI

ArmorX AI

ArmorX AI (formerly Kapalya) operates an encryption management platform designed to encrypt all data in transit and at rest on mobile end-points, corporate servers, and cloud servers.