Labor Bill would force Aussie organizations to disclose when they pay ransoms
On Monday 21 June, Australia’s Shadow Undersecretary for Cyber Security, Tim Watts, introduced a new bill to Parliament requiring Australian companies that are victims of ransomware to notify the Australian Cyber Security Center (ACSC) that they intend to pay ransom to hackers.
The draft Ransomware Payments Bill 2021 was introduced against the backdrop of a significant increase in ransomware attacks on Australian organizations over the past year, including hospitals, Channel 9, major beverage manufacturer Lion, logistics giant Toll Group, and others.
“Ransomware attacks have cost the Australian economy $1 billion and the latest figures show a 200 per cent increase in reports of ransomware cyberattacks on Australian organizations,” a spokesman for Tim Watts said.
“Do not pay” is for ransomware what “do not click” is for phishing. Sounds like great advice, but falls apart in a real world model.
— Runa Sandvik (@runasand) June 20, 2021
According to Watts, requiring organizations to report their intent to pay ransom to hackers will give the ACSC useful, accurate data that will allow it to better understand this phenomenon.
A scheme to oblige ransomware victims to report ransomware attacks and ransom payments to local law enforcement agencies was also recommended to the administration of President Joe Biden earlier this year by the nonprofit Ransomware Task Force.
The Australian bill, introduced on June 21, is another sign that governments around the world are approaching a tipping point when it comes to tackling ransomware operators and the devastating impact of their attacks.