The Cross City Tunnel in Australia has become the latest victim of cyber attack, as the notorious LockBit ransomware gang reportedly breached the system. The attack was part of a stream of assaults, with the group targeting 24 victims in 24 hours since June 5. The LockBit ransomware gang has already stolen data from the tunnel and shared a post on its dark web site informing authorities that the data would be published on June 26, 2023, at 10:44:46 (UTC) if the ransom is not paid on time.
This recent cyber attack reinforces the growing concern in Australia over the security of critical infrastructure and underscores the challenges faced by digital interconnected cities that are increasingly susceptible to malicious interference. The attacks on the Pittsburg Unified School District, Dalvíkurbyggð municipality in Iceland, Newark Academy in Livingston, New Jersey, and a healthcare center in Fredericksburg, Virginia, highlight the menace of hackers in Australia.
Security researcher Dominic Alvieri disclosed the alleged tunnel breach on Twitter on June 7, alerting authorities to the situation. The Cross City Tunnel in Australia is reportedly the first tunnel service to be breached, and Alvieri has been tracking the LockBit ransomware group’s attack pattern, sharing information with other cybersecurity entities and analysts.
There has been no official response from Cross City Tunnel in Australia regarding the alleged cyber attack. This leaves the attack claims unverified, although the list of victims shared by cybersecurity analyst VX-Underground aligns with Alvieri’s tweet of 24 cyber attacks in 24 hours.
Australia’s cybersecurity minister, Clare O’Neil, has warned of the growing threat posed by cyber attacks, stating that recent data breaches in Medibank, Optus, and Latitude are merely the tip of the iceberg. The minister for home affairs and cybersecurity has launched a series of exercises aimed at enhancing the country’s ability to respond effectively to attacks on critical infrastructure systems.
The LockBit ransomware gang has evolved over the years. In February 2023, the group progressed to a new version, called “LOCKBIT Green,” which is the fourth iteration of their ransomware. It employs an encryptor derived from the leaked source code of the Conti ransomware.
The recent cyber attacks in Australia pose a unique set of challenges and potential dangers that cybersecurity researchers and threat intelligence services are closely monitoring. The 24-hour cyber attack spree by the LockBit ransomware group reinforces the need for stronger cybersecurity measures to protect critical infrastructure against future attacks.