Powered by MOMENTUMMEDIA
As of 30 May, businesses that earn more than $3 million a year will need to report paying a ransom to hackers. Here’s what you need to know.
New ransomware reporting rules come into effect on 30 May as part of Australia’s Cyber Security Act, requiring organisations with an annual turnover of more than $3 million, or entities responsible for critical infrastructure, to report paying a ransom to the Australian Signals Directorate within 72 hours of making the payment.
The aim of this new reporting regime is to help the government build a picture of the ransomware landscape and understand how cyber crime is impacting Australian businesses.
But how exactly will this impact Australian organisations and IT leaders?
“Australia’s new ransomware reporting obligations represent a major step toward transparency and accountability in cyber crime response,” Aaron Bugal, field CISO APJ at Sophos, told Cyber Daily.
“Being required to disclose any ransomware payments will force a review of and an update to policies and incident response plans, and ensure board-level awareness. While this adds a layer of compliance, it also encourages better cyber hygiene and may reduce the likelihood of a ransom payment as an easy way out after an attack.
“With this additional insight, government and industry get clearer telemetry into ransomware trends, enabling more informed policymaking and improved threat response.”
While the new requirements will certainly lead to a shift in how businesses respond to and plan for ransomware attacks, they may also have an impact on the hackers behind the scenes.
“Will this force cyber criminals to shift to a different form of extortion? Maybe, but at least it’s going to be a watershed moment of change where it finally looks like the battle against ransomware is progressing toward an end game,” Bugal said.
Civil penalties will apply to entities that fail to report ransom payments within the required period, but according to Bugal, there is still more that the government can do.
“Without hesitation, Australia should be standing behind the UK’s model of completely banning ransomware payments. Paying ransoms only fuels cyber criminal networks, encourages more attacks, and increases the likelihood of repeat targeting through double or triple extortion,” Bugal said.
“There’s no guarantee that paying a ransom will recover data or prevent its release. In fact, it often leads to more harm. There are plenty of examples of ransomware groups double or even triple dipping into the pockets of businesses that they consider ‘easy targets’.
“We must move away from reactive payments and toward proactive resilience. Australia has the capability, through strong cyber security frameworks, expert practitioners, and regulatory support, to prepare and protect organisations without resorting to funding criminals.”
For Bugal, a complete ban is a comprehensive answer to the ransomware challenge.
“There is no honour among thieves, and a complete ban sends a clear message that Australia will not negotiate with cyber criminals,” Bugal said.
You can learn more about the new reporting requirements here.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.