The hitting of Fortune 500 companies with malware is starting to ring alarm bells. More

Screenshot: Asha Barbaschow/ZDNet
Australia Post on Thursday experienced a handful of failures across its business, with reports people were receiving parcels not addressed to them and the addressees unable to redirect the delivery online.
The postal service’s online portal went down, with a message reading, “We’re updating this right now. Won’t take too long. Please try again later.” when customers attempted to track the status of their delivery.
The notice was later updated to confirm technical issues were behind the downing of its parcel tracking system.  
Customers were reporting problems with Australia Post since just after 10:00am AEST.
On Twitter, Australia Post said it was aware of issues across its tracking website and associated apps and that it was “working hard to get the tracking back up and running as soon as possible and apologise for the inconvenience caused”.
“We’re currently experiencing technical issues which are impacting parcel tracking. We are working hard to resolve this issue as quickly as possible,” a notice on the government-owned entity’s website reads.
“We will provide updates as details are confirmed and apologise for the inconvenience.”
Australia Post has not responded to ZDNet’s request to comment further.
Earlier on Thursday, the organisation published its financial results, seeing group profits before tax climb 30% to AU$53.6 million.
Revenue also increased over last year by 7% to reach AU$7.5 billion. Australia Post said its revenue increase was boosted by further e-commerce growth during COVID-19, accounting for growing losses in its letters business.
Domestic Australia Post branded parcels rose 25% to just over AU$2.4 million.
“In the second half of the year parcel revenues were boosted by the continued growth of e-commerce as consumer demand grew as families adapted to lock down restrictions and more businesses went online as their physical stores hibernated,” Australia Post said in delivering its results.
“And while the growth in e-commerce has been a strong driver behind this year’s financial result, we have had to make changes to ensure our workforce and network can operate as efficiently and safely as possible. The pandemic has also severely impacted our ability to deliver across the country on time.”
The postal service was previously labelled by the Australian National Audit Office (ANAO) as not effectively managing cybersecurity risks, with a report highlighting weaknesses in its implementation of a risk management framework.
Since the recommendations were made, chief information security officer Glenn Stuttard said Australia Post has taken a number of steps to rectify this, such as conducting maturity level assessments against the Essential Eight controls for mitigating cyber attacks, reconfirming its critical application list and control scope for assessment of business critical and security ranked critical applications, and conducting reviews internally.
In May, Australia Post said it had seen around 300 cyber incidents since January, but that none were enough to cause it to suffer the same fate as the likes of Toll.
See also: Toll attacker made off with employee data and commercial agreements
Stuttard at the time said from January 1 to March 30, the organisation had no incidents that were considered to be of “extremely high” impact.
“But we did respond to over 300 individual cyber incidents that we see in our systems and most of those come from things like SMS phishing campaigns,” he said. “Text messages that bad actors might send to you try and get you to click on a link and give up your credentials and similarly through email phishing campaigns, so we’re dealing with these types of things on a daily basis, and defending those.”
He said it was quite a substantial number and that the postal service didn’t have any “high” or “extreme” impacts over that period of time.
Stuttard said Australia Post has not specifically seen any evidence in the past few years of state actors attempting to “hack” or “attack” its systems. But he did say there would be a substantial disruption to its functions should it fall victim to a serious attack.
MORE FROM THE POSTAL SERVICE More

Image: Getty The international police organization Interpol has arrested 2,000 people in a crackdown on social-engineering rackets and intercepted $50 million in illicit funds.  Interpol announced it had conducted raids at 1,700 locations over two months, seizing $50 million in fraudulently gained proceeds and arresting 2,000 people, which it described as “operators, fraudsters and money […] More

Jason Hiner and Kerry Wan/ZDNETFollow ZDNET: Add us as a preferred source More

Romanian authorities have arrested two individuals suspected of cyber-attacks using the Sodinokibi/REvil ransomware. They are allegedly responsible for 5,000 infections, accounting for €500,000 in ransom payments, according to European law enforcement agency Europol.REvil has been one of the most notorious ransomware groups of 2021, responsible for hundreds of high-profile attacks around the world.A further suspected GandGrab affiliate was arrested by Kuwaiti authorities on the same day.In addition to these arrests, GoldDust, which is a 17-nation law enforcement operation, saw three additional arrests in February and April by authorities in South Korea against affiliates involved with REvil ransomware. Another affiliate, a Ukrainian national, was arrested at the Polish border in October following an international arrest warrant from the US. The Ukrainian suspect was arrested on suspicion of involvement in the Kaseya ransomware attack, which affected around 1,500 companies across the world. In total, the operation has resulted in seven arrests, and it’s the first time they’ve been disclosed publicly by law enforcement.SEE: A winning strategy for cybersecurity (ZDNet special report)    The operation involved police from countries around the world and international law enforcement agencies Europol, Eurojust, and Interpol. The arrests follow a joint operation which was able to intercept communications and seize infrastructure used during campaigns.

Operation GoldDust also received support from the cybersecurity industry from companies including Bitdefender, KPN, and McAfee. Researchers at Bitdefender provided technical insights throughout the investigation, along with decryption tools to help victims of ransomware attacks recover their files without having to pay the ransom.Decryption tools for several versions of GandCrab and REvil ransomware are available for free via the No More Ransom project. According to Europol, the REvil decryption tools have helped more than 1,400 companies decrypt their networks following ransomware attacks, saving over €475 million ($550 million) from being paid to cyber criminals.Europol supported the operation by providing analytical support, as well analysis into malware and cryptocurrency. The 17 countries participating in Operation GoldDust are Australia, Belgium, Canada, France, Germany, the Netherlands, Luxembourg, Norway, Philippines, Poland, Romania, South Korea, Sweden, Switzerland, Kuwait, the United Kingdom, and the United States.”These arrests illustrate what can be achieved when the public and private sectors pool their resources to fight cybercrime. This operation was an around-the-clock global effort to hunt down those responsible for the most devastating ransomware attacks in recent history leaving no stone unturned,” Alexandru Catalin Cosoi, senior director of the investigation and forensics unit at Bitdefender which aided investigations, told ZDNet.”The success of this operation is a wake-up call for cybercriminals. They should understand if they are caught in the crosshairs of an international effort to find them, they can’t hide,” he added.The arrests are the latest in a string of operations by law enforcement targeting ransomware operations. Last month saw a Europol-led operation target 12 suspects in Ukraine and Switzerland believed to be behind LockerGoga, MegaCortex, Dharma, and other ransomware attacks. It was also recently reported that law enforcement from multiple countries helped take down key elements of REvil.MORE ON CYBERSECURITY More