Australian critical infrastructure manager Ventia has been forced to take some of its systems offline after it was affected by a cyber attack.
The company issued a statement on Saturday, saying it had detected a cyber incident in its systems and had taken several offline to keep it contained.
“As part of our management of this incident, we have taken decisive action to contain it, including taking some key systems offline,” it said.
“Ventia has engaged external cyber security experts and is actively working with regulators and law enforcement.. “As we work to restore our networks, we will prioritise the security and safety of our people, our customers, and our stakeholders.” Since then, Ventia has issued a second statement saying that its operations are continuing despite the attack and that it is continuing to address the issue.
“Ventia is continuing to respond to a cyber incident [that] has affected some of our systems,” it said.
“Ventia’s operations are continuing. We are maintaining vigilance across our systems.
“We will not hesitate to take further protective action if required as operations return to normal in the days ahead.”
Ventia works with significant critical infrastructure as a major toll provider, as well as services for the NBN and more.
Attacks on critical infrastructure present a major risk to national security, and one that Australia has to consider going forward.
Minister for Home Affairs and Cyber Security Clare O’Neil has said that Australia must prepare for a “dystopian future” in which threat actors and organisations will hold entire digitally connected cities to ransom.
“[A future where] our interconnected cities are held hostage through interference in everything from traffic lights to surgery schedules,” she said in a speech at Australian Strategic Policy Institute’s Sydney Dialogue in April.
According to Claroty regional director Leon Poggioli, critical infrastructure attacks like this have a much more detrimental effect on human life and are getting more common thanks to creative cyber techniques.
“People are more and more becoming aware that every piece of critical infrastructure in Australia is a potential target for a cyber attack, whether it’s our power grid, hospitals, transport networks, water utilities or more,” Poggioli said.
“Critical infrastructure often eludes the public’s attention as a major source of cyber risk, yet the impact of a breach of these systems has the potential to impact human life.
“We see hackers are getting more creative and sophisticated with their attack methods, and the consequences can be far-reaching.
“In this instance, the attack appears to be a simple case of extortion, but future incidents could disrupt essential services and cause severe impact to public safety.”
Last month, Russian state-backed cyber criminals from the LockBit hacking gang targeted the toll operator for Sydney’s Cross City Tunnel.
The operator, Transurban, said that the attack would not affect operations and that customers of its tolling brand, Linkt, could be reassured that their data remain safe.