Alastair McGibbon, the Special Adviser to the Prime Minister on Cyber Security, talks about the global ransomware attack; what people can do to prevent it, and whether any Australian businesses were affected
Introduction: Global ransomeware attack
Ross Greenwood: Let’s go now, another big story. Now this is a global story but it’s certainly affecting businesses in Australia including Cadbury the chocolate maker based in Hobart.
Its offices have affectively been frozen by a ransomware attack that has also hit a number of other global companies. Including the UKraine power grid. Ukraine power grid, its banks, government offices and its international airport.
On top of that also, the big advertising agency based in London, WPP. A number of others. What this latest ransomware attack after that WannaCry attack, only a few weeks ago. Has now started to have another big well, as you’ll say detrimental effect on industry around the world.
Let’s go now to the person who is really instrumental in Australia at looking after this. Alastair MacGibbon is the special adviser to the Prime Minister on Cyber Security. Always great with his time.
Alastair many things for your time. Can you just tell us what impact it’s having here in Australia particularly.
Interview: Alastair MacGibbon – Prime Minister on Cyber Security
Alastair MacGibbon: Well Ross, thanks for having me on again. It seems like we talk about this ransomware stuff a bit too often. We should aim not to do again for a while. What I can say is, it would appear that two businesses in Australia have been impacted.
We can’t confirm that yet because we know ransomware impacts Australian businesses sadly on quite a regular basis. We’re looking obviously to see what this particular campaign is doing.
Look, again very similar to the WannaCry matter we spoke about not so long ago. Australia has not been significantly impacted yet. We do know that this can still take several more days. The reason for that is the way this ransomware propagates is the same it seems as the last one.
That is that as it gets into a computer it index the computer. It does two things, that it moves laterally inside a network. If it came into your computer there at your desk inside your radio station, it would try to find other computers on the same network and encrypt them.
Then it will go out onto the internet and search for other potential victim computers. Ones with the vulnerabilities the unpatched computers and then it will jump over to them and keep doing the same thing.
This will take several more days before we know probably the full extent of the impact. Again, we haven’t been seriously impacted but again these things highlight to us why we need to maintain really good hygiene when it comes to our computers.
Ross Greenwood: Obviously back them up. You’ve also said today that if Australians are affected by these types of ransomware attacks. They should not pay any ransom. That’s pretty tough to say when people stand to lose all of the data that they might have if they haven’t backed it up.
Alastair MacGibbon: Yes. The former police officer in me says, “You never pay criminal.” Remember these are the same criminals that actually locked your computer in the first place. Now are asking you to trust them and pay them and they’ll unlock your computer.
One of the particular reasons for saying it in this instance is there have been reports that the email address, the beneficiary email address that is attached to the Bitcoin payment. Which is what these criminals will demand is a payment by this thing called Bitcoin. Has been shut down by the ISP that owns that email range.
As a consequence you could pay the Bitcoin and the criminal isn’t going to be able to get the Bitcoin and therefore they’re not going to unlock your computer. You’d be done twice. You have locked computers and you’ve paid a ransom.
Generally speaking of course, none of us want to fund criminality. None of us want to pay crooks. The best thing of course is not to fall victim. There are two simple bits of advice Ross.
People need to patch or update their Windows operating systems. They need to backup data. If they had patched for WannaCry, if they had updated their computers around the matter we spoke about last, then they aren’t going to be impacted by this particular global campaign.
If they haven’t backed up. Sorry, if they haven’t patched their operating system but they’ve backed up, they can blow away that corrupted computer and reinstall their data and get operating again.
Ross Greenwood: There you go. Alastair MacGibbon the man who looks after our Cyber Security in this country. The special adviser to the Prime Minister. All on that area. As always Alastair we appreciate your time.
Alastair MacGibbon: Thanks very much Ross.
Ross Greenwood: We trust we don’t have to speak to him again in the near future. As I say he is terrific in terms of his communication. Trying to get that message out there.