At a business summit in Sydney on Wednesday, Optus boss Kelly Bayer Rosmarin said the attack was carried out by a motivated individual and crafted specifically for the company.
The chief executive of Optus has maintained that the cyberattack on her telco in September was perpetrated by a skilled cyber criminal and revealed the company lost customers in its immediate aftermath.
“The cyberattack was not a casual crime of opportunity,” Rosmarin said. “The skilled criminal had knowledge of Optus’ systems and cycled through many tens of thousands of internet protocol addresses in an attempt to evade our automated cyber monitoring.”in Australian history, accessing names, dates of birth, phone numbers, email addresses, physical addresses and driver’s licence numbers of millions of the telecommunications giant’s customers.
“We never paid a ransom,” Rosmarin said. “You can’t assume the hacker was actually planning to do a ransom in the first place. It looks like a bit of an odd attempt. The most likely scenarios were SIM swaps and phishing, which was shut down by going public so quickly.”“Of course, in the immediate aftermath, there were customers who decided to leave us and that is understandable,” Rosmarin said. “But I think some reports were greatly exaggerated.
“Everyone has a policy of not paying ransoms, but it’s too absolutist to say ‘never’, given that the evidence doesn’t suggest that,” she said.