The criminal group also threatened to launch a denial of service attack on the company’s website if it didn’t pay. One such attack involves flooding a website with traffic to make it unavailable or unusable.
“Our forensic investigation reveals that the unauthorized third party accessed information on our systems as part of its overall business and posted a dataset of information online,” Medland said in a statement.
“We engaged external IT and cybersecurity experts to conduct a thorough forensic investigation into the incident. We have also assembled a dedicated incident response team, which is working around the clock with our on-site IT vendor to investigate the incident.
“We are deeply concerned that this incident has occurred and take the security of our systems seriously.”
The attack was referred to the Australian Cyber Security Center (ACSC) and Medland said it would comply with reporting obligations to the Australian Information Commissioner’s office.
According to Medland’s website, his project with Nine – editor of The Australian Financial Review – was valued at $ 50 million.
“Medland Engineering has played a decisive role in the navigation [Nine] across the minefield of integrated base building modifications and in search of commercially sensitive integrated design solutions, ”its website states.
“We were hired to design, document and monitor construction for all construction services. Our innovative design solutions include Tier 1 resiliency to the services of 80 rack data centers and associated infrastructure, always challenging in an office environment. “
This [ransomware] The campaign actively targets Australian organizations in various sectors.
– Australian Cyber Security Center
Nine said on Tuesday that the company does not have access to its software, systems or ongoing support.
“They have been involved in the design, engineering of the physical building and have no connection with our software systems,” a spokesperson said. “We have been in contact with them to check the big picture.”
Medland’s website details a range of top clients including business law firms Clayton Utz, Minter Ellison, Gilbert + Tobin, Baker Mckenzie and DLA Piper, as well as Microsoft, Suncorp, BHP, NRMA, KPMG and Google.
the ACSC revealed this week that Australia was one of a group of countries targeted by a “ransomware campaign” using the Avaddon malware.
“This campaign is actively targeting Australian organizations in a variety of sectors,” the CCAA said on its website.
Avaddon is offered as Ransomware-as-a-Service (RaaS), allowing other criminal actors to use it as they wish, provided they donate a percentage of the profits to the group.
The ACSC said it was aware of several instances where the Avaddon ransomware directly affected organizations in Australia.
the Financial analysis is aware of the group’s attacks on listed renewable energy company ASX Carnegie Clean Energy – although the company said the incursion was “unimportant” to its operations – and NSW Labor.
Global telecommunications giant NTT’s 2021 Global Threat Intelligence report found a 300% increase in cyberattacks against certain sectors of the economy, with healthcare, manufacturing and finance leading the increase.
Attacks on the manufacturing sector fell from 7% last year to 22%, health care went from 7% to 17% and funding rose from 15% to 23%, according to NTT.
NTT’s national cybersecurity director John Karabin said attacks were increasingly targeted and, although ransomware is a major problem, NTT has also seen an increase in computer hijackings to mine crypto. change.
Mr Karabin said the attacks were evenly split between very sophisticated and highly funded criminal groups and nation state actors. “It is often difficult to tell the difference,” he said.
“It’s sort of a perfect storm for us right now in terms of how we have to think about threat, and actually how we have to think about how we defend ourselves.
“The banks aren’t closing the doors and everyone is walking away, and unfortunately for businesses now, they can’t afford that either. Their business, in one way or another, is accessible 24/7. ”
The ACSC publicly advises companies to never pay a ransom because there is no guarantee that the cybercriminals will decrypt the files after the ransom is paid, and there is a chance that the files will not be recoverable.