The Australian Signals Directorate's Australian Cyber Security Centre (ACSC) is aware of a number of Denial of Service (DoS) for ransom threats being made against Australian organisations, primarily in the banking and finance sector.
The threats in question are delivered via email, and threaten the recipient with a sustained DoS attack unless a sum of the Monero cryptocurrency is paid. The actors behind these threats claim to be the ‘Silence Hacking Crew', however the ACSC is unable to verify this claim.
The ACSC cannot positively verify the legitimacy of any threats made by the actor. However, the ACSC has received no reports of the threats eventuating in DoS and is aware of a number of DoS threats made in the past against Australian organisations that did not eventuate.
What you need to do
Preparing for any DoS attack before it occurs is by far the best strategy, as this sort of incident can be very difficult to respond to once the attack begins. Well-prepared organisations should be able to operate effectively despite these threats and any potential DoS.
We strongly recommend organisations review the ACSC publication Preparing for and Responding to Denial-of-Service Attacks.
If your organisation is affected by a DoS attack, the ACSC recommends:
Talking to your service provider(s) about their ability to immediately implement any responsive actions.
- Blocking the offending IP address(es).
- Temporarily transferring online services to cloud-based hosting with high bandwidth and content delivery networks that cache non-dynamic websites.
- Preferably using multiple major cloud service providers to obtain redundancy.
- Engage a DoS attack mitigation service for the duration of the incident.
Read ACSC’s guidance on how organisations can prepare and respond to a cyber security incident.
To report a cybercrime, visit ReportCyber.