Australia faces risk of 'leakware' attacks

By Dylan Bushell-Embling
Thursday, 14 November, 2019

Australia could be at risk of a new type of ransomware attack facing public sector networks in which attackers threaten to publish confidential citizen data online.

So said Dr Roberto Musotto, Research Fellow in Cybersecurity and Law at the Edith Cowan University School of Business and Law and at the Cyber Security Cooperative Research Centre.

In an article for The Conversation, Musotto detailed a ransom attack on Johannesburg’s computer network by a hacker group known as Shadow Kill Hackers.

The attack used an emerging technique known as leakware, in which attackers threaten to upload stolen sensitive data online unless a ransom is paid.

In this case, attackers claimed to have gained access to finance and personal population information, and threatened to leak it online, destroy it and reveal how they executed the breach if the city did not pay four bitcoins — the equivalent of over $52,000 — in ransom.

While Johannesburg decided not to pay the ransom, it is unknown whether the data has been released, Musotto said.

“The attack suggests cybercriminals will continue to experiment and innovate in a bid to defeat current prevention and defence measures against leakware attacks,” he said.

“The latest Johannesburg attack was the second leakware attack of this type ever recorded, and a similar attack could hit Australia soon. And although our current cyber-attack defences are more advanced than many countries, we could be taken by surprise because of the unique way leakware operates.”

Traditional methods of coping with ransomware, such as keeping meticulous backups, cannot mitigate the risk of stolen data being released online.

In addition, if government bodies do elect to pay the ransom, there is nothing stopping cybercriminals from going back on their word and monetising the stolen personal information.

Musotto said that in Australia, 81% of companies that experienced a cyber attack were already held to ransom, and 51% of these paid. But paying only tends to increase the likelihood of future attacks, both on the victim and on other organisations.
