AWI CEO Stuart McCullough at the Australian Sheep and Wool Show last year.

AUSTRALIAN wool growers deserve to be able to sell their wool and not be put off by the failure of an offshore-based system, Australian Wool Innovation chief executive Stuart McCullough said today.

A ransomware cyber attack on industry software provider Talman halted wool sales last week and auctions in Melbourne rostered to start on Tuesday this week have been rescheduled to begin Wednesday.

Mr McCullough said AWI trusted that security has been improved and the ongoing disruption to the auction system will be resolved quickly. But at noon today, some wool brokers still would not access the system.

“Growers have been worried about the auction system being offline this past week due to an offshore cyber-attack and we have had concerns stretching back to 2014 about the over reliance on the one platform.

“The last thing any of us want is any further delay in the selling of wool to crucial export markets,” he said.

“The prolonged drought has already meant many growers have been under extreme cash flow pressure, they are suffering and deserve to be able to offer to sell their wool when they wish and not be put off due to the failure of an offshore based system.”

In AWI’s Wool Selling Systems Review report in 2016, Talman was described as “antiquated and inflexible” and some exporters expressed concerns about the quality of Talman’s services and the time taken to respond to requests for change.

Need for greater cyber security vigilance

Charles Sturt University Associate Professor Lihong Zheng: wool system attack showed a need for greater cyber security.

The AWI CEO was joined in his concerns about IT system security by Charles Sturt University Associate Professor Lihong Zheng who said the cyber attack showed a need for cyber security vigilance.

The academic from the Charles Sturt School of Computing and Mathematics and Graham Centre for Agricultural Innovation said the cancellation of Australian wool sales last week highlights that no industry is immune to cyber-attack.

Associate Professor Lihong Zheng said in recent years there’s been a dramatic increase in the number of large and successful ransomware attacks.

“Malware is code that is designed to maliciously disrupt the normal operation of, or cause harm to, a network or user’s computer, phone, tablet, or other device.

“The ransomware cyber attack on the software used by the wool auction system is a type of malware,” Professor Zheng said.

“Once infected, it encrypts the files on a user’s device or a network’s storage devices. To restore access to the encrypted files, the user must pay a sum of the Monero cryptocurrency.

“Ransomware can be distributed through a malicious file attached to a phishing email, a malicious URL link in the body of an email, an infected USB device, or a vulnerability in the device’s operating system or installed applications,” she said.

“The ransomware program will be delivered to the device and starts to encrypt files as soon as the attachment is opened or upon clicking the URL link.”

Professor Zheng said agriculture in Australia today is a very sophisticated and highly technical industry and there are steps that individuals and organisations should take to reduce the risk of cyber-attack.

“People should minimise visits to unknown websites, disable macros in Microsoft Office, install and regularly update antivirus and anti-ransomware software, and install a firewall to stop traffic from untrustworthy sources getting onto your device.

“The farming sector has applied more innovative and cutting edge technologies of artificial intelligence (AI), Wireless Sensor Networks, cloud computing, and the Internet of things (IoT) to ease their daily work, reduce losses or improve the yield quantity and product quality,” Professor Zheng said.

“As the number of connected-to-IoT devices increases, these devices are now poised to become more pervasive in our lives and security concerns are exponentially multiplied.

“Being on the internet means we’re always sharing some kind of data,” she said.

“We may not be able to stop a company from getting hacked, but we can limit how much information we share.

“It’s important to keep your operating system and software up to date, back up your data, and back up your backup, as well as utilising multiple security layers.”

Talman is reinstating its backup in new infrastructure

Chief executive officer of the Ozdocs/Talman Group, Dr Pramod Pandey, said it is well-known that cyber attacks happen, but he said Talman had the backup for the systems under attack and is reinstating the wool system with this data in a new IT infrastructure. He has previously told Sheep Central that having duplicate systems operational would help minimise future disruptions and the industry should also have a contingency plan. Talman would consider what more could be done when the wool industry services were restored, he said.

Dr Pandey said this type of cyber attack has happened to many companies.

“The main thing really is that the lesson that we should learn is that we all should have backup.”

Professor Zheng said more cyber security strategies can be found at Europol No More Ransom!, The UK National Cyber Security Centre a series of steps, and ACSC.