Netwalker Crypto Ransomware Threat Widespread in Australia

Thursday 06 August 2020, 7:00 AM AEST - 1 month ago

New data published by international cybersecurity platform McAfee reveals that the highly prolific Netwalker ransomware, which encrypts the files of victims and demands ransom in Bitcoin, is highly active in Australia.

A report published by McAfee indicates that the activity of the advanced ransomware threat has increased over Q2 2020, developing a complex ecosystem of affiliates and gangs that are earning millions. 

McAfee data reveals the global prevalence of the NetWalker ransomware.

The Netwalker threat was first identified in August 2019, with several variants of the original ransomware tool subsequently appearing around the world. Microsoft’s Threat Intelligence Protection platform isused a warning in April 2020 that Netwalker was used to attack a variety of healthcare and critical service providers around the world.

Interestingly, Netwalker provides victims with access to human operators in order to negotiate ransoms and guide affected individuals through the decryption process after paying their ransom. Groups using the Netwalker ransomware also threaten to exfiltrate sensitive victim data and publish it online if individuals do not pay ransom fees in Bitcoin. 

Aussie Aged Care Providers Hit By Ransomware Data Breach

Netwalker isn’t the only ransomware threat to hit Australian in 2020 —ASX listed aged care provider lost a significant amount of data to overseas-based ransomware platform Maze earlier this week, with the company announcing that it had suffered a breach that saw the hackers copy “some data from (the) IT system and release certain personal data publicly.”

The attack prompted a response from the ACSC on Sunday, highlighting the importance of remaining vigilant against ransomware threats — especially in the aged care and healthcare sectors:

“The Australian Cyber Security Centre (ACSC) is aware of recent ransomware campaigns targeting the aged care and healthcare sectors. Cyber criminals view the aged care and healthcare sectors as lucrative targets for ransomware attacks.”