16th October 2024 – Australia. Global AI cyber defence leader Darktrace is sounding the alarm for Australian corporate boards to urgently prioritise cyber maturity, following a rash of significant ransomware attacks on Australian companies.

The cybersecurity threat to Australian businesses has intensified with the emergence of a new ransomware group, known as Sarcoma.

This group claimed 30 victims globally over the past week, including four in Australia, underscoring the immediate and severe risks faced by businesses across various sectors and geographies.

Perfection Fresh, a major Australian produce company, confirmed a ransomware attack resulting in the theft of 690 gigabytes of sensitive data, including employee passports and confidential agreements with clients and suppliers.

The Plastic Bag Company, a Sydney-based manufacturer, was also part of the Sarcoma data breach with 3.6 gigabytes of data stolen, including tax returns, wage details, and passport scans of Australian and New Zealand nationals.

Last week, Perth-based companies Advanced Accounting & Business Advisory and Road Advisory Services were also listed as victims of the Sarcoma attacks.

These incidents are part of a larger global campaign. According to cyberattack analysts Hackmanac, Sarcoma claims to have exfiltrated a total of 5,324.76 GB of data from its victims.

The group’s attacks do not appear to be focused on any specific industry or country, though there is a slight preference for the USA, Canada, Australia, and Spain.

Darktrace Regional Vice President, ANZ, Sushant Arora, said the attacks were sobering reminders of the sophisticated and relentless threats facing Australian businesses.

“With multiple companies falling victim in such a short span of time, it is clear that cyber resilience is no longer just an IT issue – it’s a fundamental business imperative that demands immediate board-level attention,” Mr Arora said.

Darktrace’s latest threat report also revealed alarming trends in the cybersecurity landscape.

Between January and June 2024, information-stealing malware strains were the most observed type of malware, accounting for 29% of early triaged investigations, with the three predominant ransomware strains employing double extortion methods.

The threat landscape is further complicated by the rise of Malware-as-a-Service (MaaS) and the exploitation of edge infrastructure vulnerabilities, while email remains a significant attack vector.

Between December 2023 and July 2024, Darktrace detected 17.8 million phishing emails across its customer base, with 62 per cent of these successfully bypassing Domain-based Message Authentication, Reporting, and Conformance (DMARC) verification checks.

In light of these challenges, Darktrace advocates for a multi-layered approach to cyber resilience, combining traditional defences with AI-powered systems.

This strategy is crucial for boards seeking to go beyond compliance and build true cyber resilience in an increasingly volatile digital landscape.

“At Darktrace, we’re seeing first-hand how AI can be a game-changer in cybersecurity defence,” Mr Arora said. “These recent incidents underscore the need for proactive, AI-driven defence mechanisms that can detect and respond to threats in real-time, before sensitive data is exfiltrated.”

Mr Arora also urged Australian boards to take immediate action to enhance their cyber maturity, particularly following the recent introduction of the Cyber Security Act 2024 into Federal Parliament.

The Australian Security and Investments Commission recently announced it would investigate how company directors had prepared to thwart cyberattacks, with Mr Arora saying the increased regulatory scrutiny gave a strong impetus to act.

“Every organisation needs to invest in board-level cybersecurity education and training, implementing AI-powered cyber defence systems, regularly assessing and addressing cybersecurity risks across the entire supply chain, and fostering a culture of cybersecurity awareness throughout the organisation,” he said.

—END

About Darktrace

Darktrace (DARK.L), a global leader in cybersecurity artificial intelligence, is on a mission to free the world from cyber disruption. Breakthrough innovations from our R&D teams in Cambridge, UK, and The Hague, Netherlands have resulted in over 200 patent applications filed. Rather than study historic attacks, Darktrace’s technology continuously learns and updates its knowledge of your business data and applies that understanding to help transform security operations to a state of proactive cyber resilience. The Darktrace ActiveAI Security Platform™ provides a full lifecycle approach to cyber resilience that can autonomously spot and respond to known and unknown in progress threats within seconds across the entire organisation, including cloud, apps, email, endpoint, network and operational technology (OT). Darktrace, which listed on the London Stock Exchange in 2021, employs over 2,400 people around the world and protects over 9,700 customers globally from advanced cyber threats. To learn more, visit https://darktrace.com/