Increasing trend of government organisations not disclosing their response to extortion

  • 7 months ago
When hackers were found to have broken into Victoria's court system before Christmas, it presented an increasingly common dilemma – to pay a ransom to recover sensitive files, or risk having them published for the world to see. Targeted entities don't typically reveal which way they go, but experts say it's extremely unlikely the Victorian government would sanction paying a ransom to criminals.
Transcript
00:00 In late December, staff in the audiovisual department of Victoria's court system found
00:07 themselves locked out of their computers and with a ransom note on the screen.
00:12 This is the first publicly known cyber attack on an Australian court system.
00:17 But really it was only a matter of time.
00:19 In the last financial year, the Australian Signals Directorate responded to 127 extortion
00:26 related incidents.
00:28 So why did we only hear about a few of them?
00:30 Some organisations are clearly not communicating with the public and their stakeholders the
00:35 way they should.
00:36 Alastair MacGibbon is a former head of the Australian Cyber Security Centre.
00:40 He now works in the private sector.
00:42 We see companies and organisations that don't pay, where they're never contacted by the
00:47 criminal and the criminal doesn't do anything.
00:49 And of course we've seen some terrible examples where payments aren't made and criminals do
00:55 carry out their threat.
00:57 Those are the ones that go public, like Optus, which refused to pay a ransom and saw 10,000
01:03 of its customers' data published online.
01:06 Now experts both public and private advise against paying ransoms.
01:10 It's not that simple.
01:12 Every organisation has to consider the risks, whether it's the safety of individuals or
01:16 whether the cost of fixing the breach is more expensive than paying the ransom.
01:22 When it comes to the attack on Victoria's courts, it's even trickier.
01:26 Allan Liska is a US-based threat analyst.
01:28 He's seen attacks on court systems around the world.
01:32 Governments are among the least likely agencies to pay, which is unfortunately why we see
01:37 so much court data leaked by these ransomware actors, because they don't get paid for it.
01:42 Alastair MacGibbon says more Australian organisations need to speak up about ransom attacks.
01:47 I think we will see more and more of this reporting over the years as organisations
01:52 get more comfortable with owning up to the fact that they're being victims of crime.
01:56 There is no shame in being a victim of crime.
01:59 The shame is on the criminals, but we can all do more to prevent criminality and that's
02:03 what we've got to do in 2024.
02:06 Now most often of course the victims are the general public, because it's their private
02:10 information that's at stake.
02:12 Getting compensation can be difficult, and in this case it might not even be possible.