Itpa webheader

Australia faces risk of 'leakware' attacks

By Dylan Bushell-Embling
Thursday, 14 November, 2019

Australia faces risk of 'leakware' attacks

Australia could be at risk of a new type of ransomware attack facing public sector networks in which attackers threaten to publish confidential citizen data online.

So said Dr Roberto Musotto, Research Fellow in Cybersecurity and Law at the Edith Cowan University School of Business and Law and at the Cyber Security Cooperative Research Centre.

In an article for The Conversation, Musotto detailed a ransom attack on Johannesburg’s computer network by a hacker group known as Shadow Kill Hackers.

The attack incorporated an emerging style of attack known as leakware, in which attackers threatened to upload stolen sensitive data online unless a ransom was paid.

In this case, attackers claimed to have gained access to finance and personal population information, and threatened to leak it online, destroy it and reveal how they executed the breach if the city did not pay four bitcoins — the equivalent of over $52,000 — in ransom.

While Johannesburg decided not to pay the ransom, it is unknown whether the data has been released, Musotto said.

“The attack suggests cybercriminals will continue to experiment and innovate in a bid to defeat current prevention and defence measures against leakware attacks,” he said.

“The latest Johannesburg attack was the second leakware attack of this type ever recorded, and a similar attack could hit Australia soon. And although our current cyber-attack defences are more advanced than many countries, we could be taken by surprise because of the unique way leakware operates.”

Traditional methods of coping with ransomware, such as keeping meticulous backups, cannot mitigate the risk of stolen data being released online.

In addition, if government bodies do elect to pay the ransom, there is nothing stopping cybercriminals from going back on their words and monetising the stolen personal information.

Musotto said already in Australia, 81% of Australian companies that experienced a cyber attack were held at ransom, and 51% of these paid. But paying only tends to increase the likelihood of future attacks, both on the victim and on other organisations.

Image credit: ©

Information Technology Professionals Association (ITPA) is a not-for-profit organisation focused on continual professional development for its 18,700 members. To learn more about becoming an ITPA member, and the range of training opportunities, mentoring programs, events and online forums available, go to

Related Articles

IT lessons for education from the COVID-19 crisis

From Zoombombing to learning management systems to unreliable internet access, the education...

3 in 4 companies lack an adequate cyber response plan

Research from IBM suggests that 74% of businesses globally still have only ad hoc or...

Akamai mitigates record-setting DDoS attack

Akamai has mitigated what it believes to be the world's largest DDoS attack by packets per...

  • All content Copyright © 2020 Westwick-Farrow Pty Ltd