Hackers are continuing to target Australia, with the latest attack on a major cancer clinic in Sydney demonstrating that institutions across the country are still falling behind well behind in their cybersecurity.
New South Wales (NSW) Health said they were alerted to a Medusa ransomware attack on the Crown Princess Mary Cancer Centre on Thursday and are investigating the issue.
A spokesperson for NSW Health told the ABC it did not appear to have impacted NSW Health or the cancer centre’s databases.
“NSW Health continues to investigate this issue which does not appear to have impacted any NSW Health databases, nor Crown Princess Mary Cancer Centre databases,” they said.
“The safety and security of all NSW Health systems remains of the highest importance and is continually monitored and safeguarded.”
The ransomware hackers are demanding $100,000 (US$67,000) for the release of the encrypted data within the next seven days, or they will release the data onto the dark web, according to their ransomware blog, reported technological security company FalconFeedsio in a Twitter post.
The hack is the latest in a string of ransomware attacks by the Medusa ransomware gang, which first emerged in June 2021 and had relatively low activity and victims. However, this changed at the beginning of 2023 when the group launched its ‘Medusa blog,’ which it uses to leak data of victims who refuse to pay.
Previous targets from just the past four months include Chinese oil and gas giant PetroChina International, the Open University of Cyprus, the Minneapolis Public Schools, and the U.S. National Institute of Ocean Technology.
The latest attack comes after the Minister for Cyber Security Clare O’Neil said Australia was five years behind where it should be on cyber security due to failures in the former government’s cyber strategy.
“When we arrived in office, there was no incident response function in the Australian Government to speak of. That is crazy that we’re in that situation,” O’Neil told the ABC on April 18.
“It’s crazy because we are going to—we have experienced large-scale cyber attacks, and to a degree, they will continue.
“Whatever we do, even if we are the most cyber-safe country in the world, we’re still going to see cyber attacks because cybercrime is that prolific. So part of the resilience kind of approach for the government is to make sure that we’re able to help the country recover quickly.”
The Albanese government has been the first to establish a cyber incident response function as part of the Home Affairs department, with Prime Minister Anthony Albanese recently appointing a Cyber Coordinator who will be responsible for conducting this nationally.
The minister has also said she believes Australia is currently not an easy target for hackers.
Read More
“There is an enormous amount of effort going into making sure that Australia is a hard target, and we are making significant ground on that,” O’Neil said.
“We’ve set up Hack the Hackers, which is the first time the Australian government has asked the Federal Police and the cyber guns in the Australian Signals Directorate to work together to basically turn their energies and forces onto debilitating and degrading the ability of the hacking groups.
“And that work is going really, really well, and it’s a model that countries around the world are looking at.”
The Australian government has said it will strike back against cyber hackers, creating a 100-person strong task force staffed by the Australian Federal Police and the Australian Signals Directorate.
The task force has said it will debilitate hackers and ransomware syndicates around the world before crimes have been committed by collecting intelligence and identifying ring-leaders, networks, and infrastructure to disrupt and stop cyber-criminal syndicates.
Since 2022 Australia has experienced a raft of cyber incidents targeting major public companies like Medibank, Australia’s larger health insurer; Optus, the second largest telecommunications company; and EnergyAustralia, one of the three largest energy companies.
Hackers have also attacked Australian universities like Queensland University of Technology, as well as the defence department and private companies Vinomofo, Woolworths’ MyDeal, and Medlab.
Read More