The chaos-inducing Petya ransomware which swept the globe yesterday and knocked out the Hobart Cadbury factory is likely designed to destroy files, security analysts suggest, rather than hold them to ransom.
The Verge reports the code behind the cyber attack had been specifically modified to destroy files on a disk rather than encrypt them and release them once a ransom had been paid. The hacker has only received a relatively paltry amount of $US10,000 for the widespread attack, compared to the $132,000 gleaned from the preceding WannaCry ransomware.
“We can see the current version of Petya clearly got rewritten to be a wiper and not a actual ransomware,” founder of the cybersecurity firm Comae Matt Suiche said in a blog post.
“We believe the ransomware was in fact a lure to control the media narrative.”
If this trend continues it could mean worrying things for businesses, as the chance of redeeming destroyed files is much lower than redeeming encrypted or otherwise locked files, analysts say.
Noroozi to review fraud prevention at ATO
The Inspector-General of Taxation Ali Noroozi has commenced a review of the Australian Taxation Office’s fraud control off the back of a Senate Committee request, saying in a statement the community expects “very high standards of integrity” from the ATO.
“My review will examine the ATO’s practices, procedures and structures to prevent, detect and address fraud or potential fraud and how these are applied in practice by ATO staff. We will also identify any opportunities for improvement,” Noroozi said in a statement.
“No organisation is immune from the risk of fraud. Robust governance frameworks, regular risk assessment and appropriate controls along with a culture that promotes ethical behaviour are necessary to address risks of fraud and abuse of power.”
The review comes in the wake of am Australian Federal Police investigation into an alleged $165 million tax fraud ring, involving charges laid against Adam Cranston, son of deputy tax commissioner Michael Cranston, who has since stepped down from his position.
Taskforce suggest ASIC could search without warning
A number of draft recommendations from the ASIC Enforcement Review Taskforce have suggested the corporate watchdog should no longer have to warn targets under investigation before seeking a search warrant, reports Fairfax.
In an effort to improve the powers of the Australian Investments and Securities Commission, the taskforce is recommending the changes be implemented, claiming it removes the element of surprise when investigating dodgy targets.
“In effect this provides a warning to individuals under investigation that ASIC is seeking to obtain particular evidential material, thereby affording them the opportunity to destroy, alter or conceal evidence prior to the execution of search warrants,” the draft recommendation says.