News flash: women struggle to be heard in the nation’s newsrooms
Posted on 23 Oct 2024
Gender bias persists in Australian newsrooms, despite gender equality's vital role in strengthening…
Posted on 26 Mar 2024
By Matthew Schulz, journalist, Institute of Community Directors Australia
International authorities claim to have “destroyed the online backbone” of a ransomware group that stole data from 70 Australian charities.
The Australian Federal Police (AFP) cooperated with counterparts in 13 other countries to crack down on the LockBit ransomware group under Operation Cronus.
Authorities took control of the LockBit sites to turn the tables on the hackers, using those dark web sites to announce the counter-hack.
Police also arrested several suspects, froze LockBit Bitcoin accounts, shut down servers and websites, and took charge of ransomware infrastructure, such as LockBit’s “StealBit” platform.
The LockBit group targeted Australia’s Pareto Phone charity telemarketing group to devastating effect in August last year. That attack saw the information of nearly 50,000 charity donors from the nation’s leading charities leaked onto the dark web.
Affected charities included WWF Australia, the Australian Conservation Foundation and Plan International Australia. Many charities were infuriated that Pareto Phone allegedly retained customer data for years more than it should have.
Operation Cronus was led by Europol, the UK’s national crime agency’s cyber division, the US Justice Department and the FBI. As well as the AFP, police in France, Germany, Switzerland, Japan, Sweden, Canada, the Netherlands, Finland, New Zealand, Poland and Ukraine were involved.
AFP assistant commissioner Scott Lee said the global taskforce’s investigation was a major breakthrough.
“This investigation has not only taken down the world’s most prolific ransomware group, but also damaged the group’s reputation and credibility beyond repair.
“We have obtained a vast amount of data from investigations so far and will continue to follow all leads and bring those responsible to justice,” Mr Lee said.
The AFP provided a link to the No More Ransom portal which would enable victims to decrypt data that used the LockBit encryption method.
The US Department of Justice in its media release described LockBit as “one of the most active ransomware groups in the world”, saying it had targeted more than 2,000 victims and received more than $184 million in ransom payments.
US Deputy Attorney General Lisa Monaco said the operation had “destroyed the online backbone of the LockBit group, one of the world’s most prolific ransomware gangs”, but would continue to pursue its criminal affiliates across the globe.
Related investigations over the past 18 months led to the jailing of a Russian-Canadian dual citizen this month.
Mikhail Vasiliev was caught in his garage trying to extort three Canadian companies by encrypting computer systems and demanding hundreds of thousands of dollars.
Authorities named Vaisiliev and four other Russian nationals as targets of the LockBit investigation.
Despite the action, reports suggest that LockBit criminals have already re-emerged using new encrpytors and servers.
Australia’s privacy watchdog, the Office of the Australian Information Commissioner (OAIC), is continuing an investigation into the Pareto Phone breach, which it launched in late October.
The investigation appears likely to be completed by late this year, and is expected to examine complaints by several charities that Pareto Phone held onto customer data for years after the information should have been deleted, in breach of privacy laws.
The OAIC is now working with the liquidators of Pareto Phone, given the telemarketing company collapsed owing $17.3 million soon after the hack, when most of its clients abandoned it.
The OAIC’s latest data breach report, released last month, showed breach notifications were up 19% in the six months to December 2023, with Australia’s health sector by far the worst affected. The report showed that malicious attacks remain the most common form of breach, and comprise two-thirds of all breaches. A separate study by Infoxchange suggested 12% of NFPs suffered a cybersecurity incident in the past year.
Australia Information Commissioner Angelene Falk used the latest report to reiterate the dangers of outsourcing personal data handling to third parties.
Ms Falk said the OAIC had witnessed a high number of multi-party breaches, most as a result of a breach of a cloud or software provider.
“Organisations need to proactively address privacy risks in contractual agreements with third-party service providers,” Ms Falk said.
Fundraising Institute Australia (FIA), the Australian Securities and Investments Commission (ASIC), and the Australian Charities and Not-for-profits Commission (ACNC) have also warned organisations in recent months to be more careful when dealing with third-party operators that have access to personal data.
Earlier this month, the Australian Signals Directorate (ASD) released a guide to cybersecurity for charities and not-for-profits. It forms part of a bank of resources available to the sector, including ICDA’s cybersecurity self-assessment tool, released last year.
The ASD’s guide provides suggestions on preventing attacks and preparing for them too.
Posted on 23 Oct 2024
Gender bias persists in Australian newsrooms, despite gender equality's vital role in strengthening…
Posted on 22 Oct 2024
The Australian Tax Office (ATO) has admitted it is on track to fall massively short of its target…
Posted on 22 Oct 2024
Ordinary Australians who go above and beyond to help others in the community and the organisations…
Posted on 21 Oct 2024
Government and the not-for-profit sector must work together to break the cycle of digital…
Posted on 21 Oct 2024
Australian Charities and Not-for-Profits Commission (ACNC) commissioner Sue Woodward will head to…
Posted on 21 Oct 2024
Australians hit hard by the cost-of-living want action on everything from rising utility and…
Posted on 17 Oct 2024
Not-for-profit’s have swamped the Australian Charities and Not-for-profits Commission (ACNC) with…
Posted on 15 Oct 2024
The Australian Tax Office new reporting requirements for not-for-profits are causing a great deal…
Posted on 15 Oct 2024
The Antipoverty Centre’s Kristin O’Connell has first-hand experience of living in economic…
Posted on 15 Oct 2024
Socially conscious international music stars touring Australia are increasingly determined to do…
Posted on 14 Oct 2024
On the anniversary of the failed campaign to enshrine an Indigenous Voice to Parliament, an…
Posted on 14 Oct 2024
Anti-Poverty Week (October 13 to 19) has been held every year for the past two decades.