On Tuesday, the broadcasting of the Australian television news channel ABC News 24 was suspended for 30 min. The channel went dark after an attack from ransomware with encryption capabilities. As a result from the attack, the service broadcasting had to be con out of Melbourne instead of Sydney.
How Was the ABC Broadcasting Suspended?
The IT experts stated that the malware infiltrated the television channel ABC News 24 through a phishing email. During the same hacking campaign were targeted other large organizations as well. The news channel employees had received emails from Australia Post, which claimed a report on a failed parcel delivery.
A phishing email like that, usually, comes with an attachment which when opened launches the malicious software. Sometimes, however, the email delivers a link that is pointing out to a malicious download.
Australia Post already warned its clients about the phishing emails campaign. The malware experts believe that these fraudulent emails are coming from Russia. The ABC representatives informed the public that the cause of the 30 minutes of stand-by programming was an IT security issue.
The Malicious Emails
According to the media manager of Telstra Queensland, Matthew Martyn-Jones, the emails of the staff had been targeted several weeks earlier; however the attempts were not successful. He further stated that this incident should make people more cautious about the messages that they receive.
The Australian PC users are subject of serious and frequent ransomware attacks. The crypto-malware attacks tend to lock up the information on the compromised computers, and demand a ransom. The security company Symantec has issued a report, according to which in the period May – September these threats in Australia increased with more than 1300 %.
The Ransom
The company further confirmed fake emails from local service providers are also common for that part of the world. The PC users that were targeted were mainly clients of the Australian Postal Delivery Company and the Australian energy supplier. These customers were tricked into checking a fake bill or looking at the details of a parcel delivery. Once the link from the malicious message was accessed by the victims, they were offered to download an archive expected to contain the service supplier notification. That file, in fact, turns out to be ransomware, which once opened encrypts the hard disk data and sends a demand for payment.
The malware experts point out that one of the best methods to make sure that the user’s PC data is safe when it is targeted by crypto malware, is to make backups and to update them on a regular basis. The threats will not steal the information; they will lock it up. This means that after the malware is removed, the users can restore the data from the backup file they have.