An Australian business has become the first to be struck down by the ransomware attack currently plaguing the world, with more local computer systems expected to be hit as the country goes back to work on Monday.
As reported by ARN, more than 75,000 attacks have been reported across 99 countries, with the UK National Health Service (NHS) compromised, the Russian government infected and the Spanish telecommunications sector at a standstill.
Since the outbreak started on 12 May, Europol has since branded the attack "unprecedented in its scale", claiming that the true victim count now stands at over 200,000 users across 150 countries.
And following a weekend of high drama both locally and globally, the now infamous WannaCry bug has officially attacked in Australia, leading to federal government warnings that more will follow within the next 24 hours.
"People going back to work on Monday may switch on their computers and see their systems have been impacted,” said Alastair MacGibbon, special advisor to the Prime Minister Malcom Turnbull on cyber security.
“We have one likely incident which is being investigated but we believe there could be more out there.”
Despite declining to comment on the identity of the business, MacGibbon said the damage was so far contained due to the small size of the organisation concerned.
“The affected company doesn't fall under critical infrastructure, it's not a medical or health service and it is not a big company," he said.
“The most important message we want to get out there is that we haven't seen a wholesale impact like we've seen in Europe and other parts of the world. It appears at this stage, it is unlikely there will be any large-scale ramifications.”
When speaking on Sky News, cyber security minister Dan Tehan told reporters that Australia has “escaped a bullet here”, but urged businesses to stay vigilant in the days ahead.
“We’ve got very good reports that businesses have been patching over the weekend but for all those that haven’t, make sure you do,” Tehan added.
With Europe bearing the brunt of the attack, German railways also screeched to a halt, while US-based courier FedEx Corp suffered interference as the ransomware spread to Asia and South America.
Known as WannaCry and variants of that name, the malicious software locked computers in thousands of locations worldwide, demanding US$300 ransom per machine to be paid in cryptocurrency Bitcoin to unlock devices.
“There has been a report to the Australian Cyber Security Centre of one instance of what we believe could be this ransomware,” said Foreign minister Julie Bishop, when speaking to reporters on Sky News.
“There have also been other reports made to our online cyber security network and the difficulty is of course there are literally hundreds of instances of ransomware in Australia each week so we’re currently seeking to confirm whether these are examples of the particular ransomware that has caused so much havoc.”
But even if organisations in Australia had been seriously impacted, history shows that businesses are more likely to keep such breaches under wraps, for fear of repetitional damage.
“Most companies tend to keep these things under wraps,” Katana1 director of technology Ross Ogilvie told ARN.
Despite the global carnage however, a security researcher may have helped stop the spread of the ransomware, through the deployment of a kill switch solution.
As reported by ARN, the kill switch appears to work like this - if the malicious program can’t connect to the domain, it’ll proceed with the infection. If the connection succeeds, the program will stop the attack.
