“It gives the beneficiary of those YouTube video hits a diverse and well spread out geography of YouTube views,” Professor Ko said.
“If it’s always the same computer doing that clicking, then it doesn’t look like it’s a genuine organic growth, but if it is a widespread network of different computers located around the world, that’s more convincing.”
Generally, hacking for clicks was about increasing advertising revenue, he said.
The more views on a video, the more valuable it would become. A video’s view count also played a role in determining the likelihood it would appear in users’ searches.
“I think it will be more and more common over time because it’s a creative way to increase the number of views,” Professor Ko said.
“I think the YouTube is also being challenged to detect the fake views. It’s a cat and mouse game.”
The Sunwater spokesman said no website users or customers were redirected to the YouTube video.
In an ordinary scenario, the clicks were happening “behind the scenes”, Professor Ko said.
“It’s important to do the patching or software updates regularly … When you close out the holes, the hackers can’t go into your computers to install things on your behalf,” he said.
Sunwater reported the breach to the Australian Cyber Security Centre.
It was soon closed because there was no impact to customers, the Sunwater spokesman said.
“Sunwater took immediate steps to improve system security once it became aware of the issue,” he said.
Professor Ko said the attack was probably opportunistic and could have come from foreign actors.
The QAO report said the entity – Sunwater – “implemented a number of measures to address the breach, including updating software, using stronger password practices, and monitoring incoming and outgoing network traffic.”
“As entities use more cloud-based services, which provide remote access to systems, cyber risk vulnerabilities and exposures must be continuously assessed,” it said.