Vehicle and machinery auction house Manheim faced $30 million ransom
Western Australia’s Consumer Protection agency has issued a cybersecurity warning following the case of a company said by the agency to be facing a $30 million ransom demand, comparing it to the recent Toll Group incident.
The victim was identified as auction house Manheim, whose social media pages – including its trucks and machinery division – revealed its disruptions to sales events in late February.
The ransomware attack occurred on February 14, when cyber criminals locked its computer system in Australia, forcing the company to stop trading.
A company official notes no personal data had been breached, the ransom was not paid, and IT experts were working to restore normal operations and develop a new website.
WA ScamNet has received 68 reports of ransomware or malware attacks since January 1, last year, with the Manheim one similar to the one that affected Toll weeks earlier, disrupting freight and parcel deliveries.
How news broke of the Toll ransomware incident, here
Commissioner for Consumer Protection Penny Lipscombe says businesses should be on alert about these cyberattacks and have effective security measures in place.
“Often the ransomware is downloaded by an employee who opens an attachment in a scam email or clicks on a link, giving the cyber criminals access to the computer system,” Lipscombe says.
“The system is locked by the criminals and files encrypted, followed by a ransom demand to have the system unlocked. Of course, we recommend that companies do not pay the ransom as the criminals are likely to come back asking for more money.
“Paying will also give the criminals added incentive to continue their illegal and highly disruptive practices.
“Instead, seek expert IT assistance to have the computer system restored.
“All businesses should have their cyber security reviewed and updated so that they have the latest anti-virus software and firewalls installed to be protected from malware.
“Staff also need to be trained not to automatically open attachments or click on links in emails, especially if the sender is unknown. Even when senders are known, staff should be vigilant as accounts may have been hacked.
“Money spent on cyber security is money well spent, especially when compared to the cost of having computer systems locked and, in extreme cases, businesses not being able to operate for a considerable amount of time.”
Consumer Protection’s measures to prevent ransomware include:
- do not open attachments that could be infected, especially from unknown senders
- if in doubt about an attachment do not open it, even if it is from someone you know. Their computer or email account could have been hacked
- make sure you have up-to-date anti-virus, anti-spyware and firewall software and scan your computer regularly
- keep a backup copy of your data in a safe place, disconnected from your computer and the internet
- only visit reputable websites and online services.