Australia’s OOH sector paid A$5000 to cyber hacker to retrieve lost data

EditorNews Make a Comment

Australia’s Outdoor Media Association has paid A$5000 in the form of bitcoin, to retrieve more than 60 weeks of data, after the company experienced a cyber attack last month.

The company was attacked at 10:25pm several weeks ago, according to a piece in Aussie ad-media site Mumbrella, written by Zoe Samios.

Samios reports that OMA ceo Charmaine Moldrich is now sharing – via a blog on the OMA website – what the OMA had learned about avoiding cyber hacks.

“In my living memory, there were a couple of decades (namely the 1960s and ’70s) where bank robbers were a dime a dozen. It seemed that armed robbers were on the TV news and front pages of newspapers just about every day,” Moldrich wrote.

“But the turn of the 21st century seems to have brought a new age type of robber – the cyber robber – who seems to have taken over the heists in this new digital interconnected world.”

Moldrich explained the company’s last full off-site backup was six-and-a-half weeks old, which “ostensibly” had meant the company lost 65 weeks of work (10 employees x 6.5 weeks).

However, the hacker did not get into bank accountants or the association’s key business functions.

Charmaine Moldrich: “I was willing to risk losing $5000 to get back 65 weeks information.”

“Although told not to pay the hackers, I was conflicted, but I was willing to risk losing $5000 to get back 65 weeks’ information.”

She said the association had previously discussed an off-site back up and a computer upgrade but had stalled actioning it as the association had overspent its capital budget.

“That decision cost us $5000 in cash and close to $20,000 in productivity losses,” she said.

Although told not to pay the hackers, Moldrich said she couldn’t let go of the fact she had lost 65 weeks of work, arguing it was a matter of “risk analysis”.

“I was conflicted, but I was willing to risk losing $5000 to get back 65 weeks information,” she wrote.

“What I learnt was that it is less of an issue of hackers reneging on their side of the deal, and more about security agencies/good hackers shutting down payment links to disrupt the hacker’s activities (and therefore also interrupting the two-way flow between the bitcoin ransom being paid and the key to unlock the files being sent).

“While I was resolving this conundrum, we tried to purchase a bitcoin. This isn’t as easy as you may think. Rookie mistake number one: trying to buy bitcoin with a credit card! It can’t be done. But who has a lazy $3,000 hanging around in cash to pay for a bitcoin?

“Notwithstanding this, buying bitcoin via a bank transfer involved far too many levels of information disclosure, and this made me very nervous.”

Moldrich went on to explain a “cyber angel” has bypassed the hackers’ link and allow for direct negotiations through the dark web.

“We were finally able to send the hackers a file to unlock, to prove that they were genuine and had the solution,” she said.

“Once we received the file back, unlocked, our cyber angel purchased the bitcoin, made the transfer, and again, via a secure link on the dark web, directly paid our cyber robbers.

“It all feels like a long distant memory now and we were lucky,” she concluded.

Zoe Samios
Zoe Samios is a reporter at Mumbrella covering media owners. She completed her degree at the University of Sydney in Media & Communications. She has travelled overseas for internships, including South Korea, where she worked as a reporter for The Korea Herald.

Share this Post