"Australia Considers Ban on Ransomware Payments After Medibank Breach"

The Australian government recently announced that it is considering banning ransomware payments in response to the Medibank data breach. The group behind the hack has been linked by the Australian Federal Police (AFP) to Russian cyber-criminals with connections to the REvil cyber gang, allegedly dismantled by Russia's Federal Security Service earlier this year. The Australian government is now suggesting making ransomware payments illegal to decrease the profitability of data breaches for criminal organizations.

Australia's home affairs minister Clare O'Neil recently made a statement confirming a new cyber-policing model between the AFP and the Australian Signals Directorate to deliver "new tough policing" on cybercrime. Roughly 100 officers will be part of the new partnership that would act as a joint standing operation against cyber criminals.

However, according to Jordan Schroeder, managing CISO at Barrier Networks, the idea of a task force is insufficient to ensure protection against ransomware attacks in Australia, particularly at a time of sustained cyberattacks against companies in the country. Schroeder noted that making ransomware payments illegal in one jurisdiction "could push the payment of ransomware underground, which will hide these crimes and make coordinated responses with law enforcement difficult, or it could even force companies to use third parties in other jurisdictions to make payments on their behalf, which will not solve the problem." Schroeder suggests that the Australian government should consider what the criminals would do in response to such regulations, not just how to punish the victims trying to recover from data breaches.

More generally, Schroeder stated that a better focus for the Australian government could be on equipping organizations with better defenses against ransomware. This would include raising awareness around cybercrime techniques and introducing legislation on minimum cybersecurity requirements for businesses.

 

Infosecurity reports: "Australia Considers Ban on Ransomware Payments After Medibank Breach"

Submitted by Anonymous on