On January 2, 2024, Australia’s Court Services Victoria announced that there had been a breach of cyber security, which might have led to the sharing of audiovisual content. Thaudio-visual has impacted audiovisual technology networks, which has impacted video recordings, audio recordings, and transcription services. It was reported that there is a high possibility that video records of court proceedings within the time frame of November 1 to December 21, 2023.
Data is one of the most prized possessions that any organization can have. While technology is advancing and reaching new heights every day, the associated risks are also increasing. Data breach is quite a common phenomenon; we don’t realise that sometimes the impact can be quite far-reaching.
While this can be scary, the worst part is that much public data might be at stake. Today, we will talk about one such incident that recently made a big blow to the technological world. While Victoria Court Services is supposedly one of the most protected, this recent attack has been alarming. Recently, an official announcement was made by Australia’s Court Services Victoria. Want to know more about it?
A Dreadful Data Cyber Attack On Victoria Court System
Presently, it is not known or at least officially not divulged by CSV as to who they think the probable perpetrators are. Although CSV took immediate action, it has been reported by the system itself that a bit of data might be at risk.
There has also been speculation that it might be the brainchild of the Qilin Ransomware Gang who carried out the attack. Because of this, many proceedings were stopped, which will be started again in January.
CSV says that They Are Currently Working with the Cyber Security Experts
It is common to wonder when there is such a serious blow to the system, what the officials are doing, and if they have taken any serious actions against the probable ones behind the attack – the Qilin Ransomware Gang.
The CSV has reported that they have notified the concerned authorities, and a written complaint has been filed to take the earliest notice. Even the Victoria Police has been notified about the same. The cybercrime department has taken the same on top priority, and even IDCARE, Australia’s national identity and cyber support community service, is at work.
Along with the government official proceedings, the government authorities have also taken immediate notice and are informing the ones who might be at risk. These include the parties whose recordings might be at risk. The official body has always thought that the security of the court users should be most important and protected under all contexts.
The team had deciphered that the attackers could not access anything but the recordings stored in the network. This means that they did not have access to any court system or records. The team had isolated the network and then deactivated it, ensuring that the operations could be carried out efficiently.
How did they know?
The attack happened on December 8. It was reported by The ABC that the hackers had issued their random note to the court on December 21. The issue was done via their computer, and the text read, “YOU HAVE BEEN PWND.” Are you wondering what this means? Hackers use this common jargon to announce that the attack on the target has been accomplished.
The federal government has issued a strong warning to all the governing bodies. They are always advised not to pay the amount in case of such attacks and ransom demands. This is because paying the amount does not guarantee that the attackers will delete the material.
History has shown continuously that it is common for groups situated out of Russia to usually attack health or legal organizations and then demand payment for the same.
Deciphering Who Are the Qilin Ransomware Group
As mentioned, this cyber attack has surprised the world. It poses a serious question: Who is this group, and what enables them to carry out such activities effectively?
Qilin Ransomware is an infamous group known for using rust-based Ransomware to target its victims. Once they can perpetrate through the system, they hack through the data and take the same under their forte. The group usually tends to charge money for a decryptor and the non-release of the data. They usually have tons of different types of encryption modes with varying agendas and capabilities.
It is believed that the group is known to operate through phishing emails. These emails are responsible for carrying malicious links; once a click is made, they can access the network. It also helps them infiltrate the sensitive data and misuse it.
After Qilin has gotten the initial access, they will move forward and try to scan through the data and search for the ones they want to encrypt. In fact, in the year 2022 itself, Medibank was also hacked similarly. After they refused to pay the ransom, the files were released online.
There is no strong background into who is behind this and what could be the motivating factor other than money. It is a sensitive matter and is a major reason why many people associated with it have not said much. The concerned department has worked proactively and ensured all the proceedings can be carried out without any hindrances. ” We are confident that we will get to the bottom of the matter,” said the authorities of CSV.