Australian Ransomware Upate - 11th September 2024

By Tyler W

September 11, 2024

Australian Ransomware Upate - 11th September 2024

We are back! We have been busy the past two weeks dealing with some investigations, however, during that time, ransomware attacks didn't stop. We probably should not be surprised, with ransomware surging in July by 58% breaking records.

Since we last caught up, we have seen 6 more ransomware attacks, on Australian enterprises. This time they are not all by Ransonhub, although they do account for one on a family business, but we have seen 5 groups launch attacks on Australian businesses. Qilin attacked one organisation, who immediately acknowledged the attack and loss of a data subset. This organisation has also taken proactive steps in their protection, and recovery, including involving the ACSC.

Meow attacked an insurance firm, Lockbit attacked two Australian businesses, with one of these being a high profile consultancy firm, which we believe to already have been a victim of the same group previously. Rhysida was also active over the past two weeks accounting for an attack on the retail sector.

Further to these attacks there have also been corporate credentials available for direct sale on some forums. Some on the 'clear web', for between $8k and $20k, and another on the dark web.

All in all it has been an average week on the Australian ransomware and cybersecurity front.

We will continue to monitor these, and all subsequent attacks to help ensure Australian businesses and individuals continue to be mindful of these attacks, and improving our cybersecurity measures.