Most companies pay cyber attack ransom: Here's why

Most companies pay cyber attack ransom: Here's why

WHY THEY PAY: Griffith University's Dr David Tuffley, a cyber security expert.

WHY THEY PAY: Griffith University's Dr David Tuffley, a cyber security expert.


Australian ag at particular risk of cyber attacks, experts warn


THE fact big meatpacker JBS USA opted to pay a massive ransom to hackers who shut down its North American and Australian operations has not surprised Australian cyber security experts.

They do, however, describe the precedent-setting vicious cycle of the ransomware phenomenon as extremely worrying and say Australian agriculture is at particular risk.

Not only are Australian farming sectors high-tech and data-driven but they are providing essential goods and the potential to shut down food supply chains gives hackers a lot of negotiating power.

SEE:JBS not the first meatpacker hit by hackers

JBS USA's chief executive officer Andre Nogueira made the shock announcement last week, reported in international media, that his company paid the equivalent of US$11 million in bitcoin following the attack which disrupted its North American plants and saw processing ground to a complete halt at its Australian plants for the best part of a week.

JBS is the largest processor in Australia, supplying an estimated 25 to 30 per cent of the country's red meat plus significant export volumes.

The Wall Street Journal's interview with Mr Nogueira revealed JBS had secondary backups of all its data, which were encrypted, and paid the ransom after most of its operations were back up and running.

JBS's technology experts had cautioned there was no guarantee that the hackers wouldn't find another way to strike.

One of Australia's leading experts in cyber security, Dr David Tuffley, a senior lecturer at Griffith University's School of Information and Communication Technology, said in most ransomware attacks, companies were paying.

"In reality, if a company has daily backups of all data, it can restore everything quickly, update security protocols and maybe lose only a day's business," he said.

"The problem is, the hackers still have sensitive data - and are not likely to just walk away.

"To secure that data, and to be left alone, companies see it in their interests to pay."

Dr Tuffley said that while cyber security experts and governments understood why ransoms were being paid, "sadly, the precedent is being set and people paying makes it more likely the practice will continue."

A Russian hacking group known as REvil, or Sodinokibi, is believed to be behind the JBS attack.

The United States Justice Department has made some inroads into cracking down on hackers, recovering $2.3m in cryptocurrency paid by Colonial Pipeline, a company targetted a month before the JBS attack.

Colonial reportedly paid a ransom of $5m.

State-sponsored attacks

It wasn't just ransomware criminals who were a threat, particularly where Australian agriculture was concerned, Dr Tuffley warned.

Equally as common as demands for money were state-sponsored attacks aimed at intelligence gathering and information stealing.

Australia farming was one of the most tech-savvy and efficient in the world and there were plenty of nations that "would like to know exactly what Australian farmers were doing," Dr Tuffley said.

"There are lessons to be learned from this - the first is to really tighten up cyber security.

"It's a fast moving threat landscape, rapidly evolving. What was fine last year is likely not fine now. It requires constant vigilance."

For advice, Dr Tuffley recommended contacting the Australian Cyber Security Centre, a government advisory agency available to all businesses.


Start the day with all the big news in agriculture! Sign up below to receive our daily Farmonline newsletter.


From the front page

Sponsored by