News

Wool auctions crippled by cyber attack

By Country News

A cyber attack caused the cancellation of Australian wool sales in the week ending February 28.««, showing no industry is immune to cyber attacks.»»

Australian Wool Network central and western NSW regional manager Brett Cooper said the attack hit the company that provides the software and computer infrastructure to most of the wool industry.

“The decision was made to cancel the sales for week 35, and transfer the sale to week 36 (last week), so Sydney's sale will be selling over two days, Fremantle over two days and Melbourne sales will occur over three days,” he said.

An Australian Wool Innovation statement said the attack justified its concerns stretching back to 2014 about the over-reliance on the one platform.

“The prolonged drought has already meant many growers have been under extreme cash flow pressure, they are suffering and deserve to be able to offer to sell their wool when they wish and not be put off due to the failure of an offshore-based system,” the statement said.

The computer software used by the wool auction system to collate test data and catalogue sales was hit by a ransomware attack that encrypted data.

Associate Professor Lihong Zheng from the Charles Sturt School of Computing and Mathematics and Graham Centre for Agricultural Innovation said in recent years there has been a dramatic increase in the number of large and successful ransomware attacks.

“The ransomware cyber-attack on the software used by the wool auction system is a type of malware,” Assoc Prof Lihong Zheng said.

“Once infected, it encrypts the files on a user’s device or a network’s storage devices.

“Ransomware can be distributed through a malicious file attached to a phishing email, a malicious URL link in the body of an email, an infected USB device or a vulnerability in the device’s operating system or installed applications.”

Assoc Prof Zheng said it was important to update operating systems and software, back-up data and use multiple security layers to protect against cyber-attacks.

“People should minimise visits to unknown websites, disable macros in Microsoft Office, install and regularly update antivirus and anti-ransomware software, and install a firewall to stop traffic from untrustworthy sources getting onto your device,” he said.