Published on the 12/03/2020 | Written by Jonathan Cotton
Forget about coronavirus for a moment. Another kind of virus just struck the A/NZ wool industry…
Australasian wool sales have suffered in the wake of a ransomware attack on Talman Software, an IT company which processes more than three quarters of wool sales across New Zealand and Australia.
The February 25 ransomware attack saw the forced shut-down of Talman’s Australian Data Exchange and networks, the system used by wool buyers and brokers to record transactions.
Ransomware – a type of malware attack that accesses a user’s private files and threatens to compromise them in some way unless a ransom is paid – is a common form of cyber attack. According to one source, there is a ransomware attack on a business every 14 seconds. By 2021, it will be every 11 seconds.
The industry was vulnerable.
What did they want? The hackers demanded AU$8 million in return for restoring Talman’s access to the data.
Talman, however, refused to pay the ransom, instead opting to rebuild the software entirely, moving to a different data centre, using ‘new infrastructure’ and assuring its wool broker users that their data had not been compromised.
Hence, the week-long temporary suspension of wool sales in Australia, preventing around 70,000 bales of wool from making it to market and adding to the misery of farmers already reeling under the effects of drought, fire and coronavirus. (Sales continued in New Zealand, with transactions having to be recorded manually.)
That’s a lot of disruption stemming from a single breach – so surely there are lessons to be learned here?
There’s plenty, says Roberto Musotto, Cyber Security Cooperative Research Centre Postdoctoral Fellow, Edith Cowan University.
“A ransomware attack on such an important sector of Australia’s economy shows how vital it is for authorities to defend markets against cyber threats,” says Musotto.
One way to do that is to avoid being too dependent on particular technologies, he says.
“The wool industry already knew Talman Software’s dominant role represented a significant vulnerability.”
Indeed, a review produced by Australian Wool Innovation in 2015 found ‘that industry [was] vulnerable due to its heavy reliance on the Talman product’. (Talman has been a software supplier to the Australasian wool industry since 1976.)
“The Panel is of the view that the wool industry’s heavy reliance on a single and (seemingly) disengaged provider of this crucial piece of infrastructure leaves the industry vulnerable.”
That’s a common problem across sectors, with entire industries sometimes dependent on a single piece of critical infrastructure, says Musotto.
“Having a wider choice of software providers, not to mention an offline alternative, would have reduced or avoided the disruption,” he says.
“Previous ransomware attacks on vital infrastructure, including last month’s attack against Toll Group, have shown the need for companies to keep their operations and IT systems separate.”
The government also has a significant role to play, he says.
“Although the latest attack targeted a commercial company, it damaged the economic welfare of farmers in two countries.
“Fending off future attacks shouldn’t be a job just for companies seeking to safeguard their own profits – governments need to help too.”
That seems to be the position of the peak national advocacy and policy body for wool growers in Australia, WoolProducers Australia, which says it will now be ‘progressing the issue at a Federal level’.