Cyberattacks are on the rise, and one of the most common practices nowadays would be none other than ransomware.
A while ago, a new campaign included MirCop ransomware that targeted users via phishing emails. Now, the Australian company, Frontier Software has suffered the same fate.
Unfortunately, Frontier Software recently experienced a cyber incident that has resulted in limited access to some of its computer systems and data.
According to South Australia’s Treasurer Rob Lucas, more than 80,000 individuals were affected. But we have to ask: How did the attackers pull it off? What data did they access? The article has everything you need to know.
Conti Ransomeware – 80,000 Targets in an Instance
The Conti ransomware has become a major threat to any company around the world. It’s an extremely damaging malicious actor due to how quickly it encrypts data and spreads to other systems.
The group behind this malware seems to keep themselves busy. In fact, a while ago, they targeted an Irish Health Service with the same ransomware, after one staffer opened a malware-ridden email.
Now, the South Australian government stated that the sensitive personal information belonging to tens of thousands of its employees has been breached as a result of an attack on Frontier Software.
Unlike most cyber attacks, the threat actors got their hands on a lot of sensitive information. According to the South Australian government, the information includes the following:
- First name.
- Last name.
- Date of birth.
- Tax file number.
- Home address.
- Bank account details.
- Tax withheld.
- Payment type (where applicable).
- Lump-sum payment type and amount (e.g. the total amount paid for the period) (if applicable).
- Superannuation contribution.
- Reportable fringe benefits tax amount (where applicable).
Fortunately, one department was not affected due to it not using any of Frontier’s products and it’s the Department for Education.
South Australia’s Treasurer Rob Lucas had an interview with ABC News and stated:
“The highest of the high to the lowest of the low and all of the rest of us in between are potentially impacted, with the exception of teachers and the Department for Education.
Having the bank account details doesn’t give you access to the bank account, but it’s the first step in trying to crack a code in terms of passwords.
We expect the state government to take all possible steps to review its cyber security measures in order to prevent such an event in the future.”
Now, government employees have to treat everything sent or received with proper caution. That includes incoming emails, calls, and SMS.
Moreover, they should reset all their passwords and enable two-factor authentication where possible.
Frontier Software Attack – Threat Actors CONTI-nue their Streak
Conti ransomware’s data leak portal shows a post that resembles the attack details shared by Frontier Software.
Now, they’ve removed the listing, which only means that the negotiations have ended between the attackers and the victims.
Despite going after high-profile incidents against vital national resources, Conti still manages to evade prosecution.
That means we should always be careful in the future, be it near or far. The threat actors behind the ransomware are out there and are definitely not afraid to strike again. Stay safe.