AUSTRALIA URGENTLY NEEDS A NATIONAL RANSOMWARE STRATEGY

AUSTRALIA URGENTLY NEEDS A NATIONAL RANSOMWARE STRATEGY Main Image

18 February 2021

SENATOR KRISTINA KENEALLY
DEPUTY LABOR LEADER IN THE SENATE
SHADOW MINISTER FOR HOME AFFAIRS
SHADOW MINISTER FOR IMMIGRATION AND CITIZENSHIP
SHADOW MINISTER FOR GOVERNMENT ACCOUNTABILITY
SENATOR FOR NEW SOUTH WALES 

 

TIM WATTS
SHADOW ASSISTANT MINISTER FOR CYBER SECURITY
SHADOW ASSISTANT MINISTER FOR COMMUNICATIONS
MEMBER FOR GELLIBRAND

 

AUSTRALIA URGENTLY NEEDS A NATIONAL RANSOMWARE STRATEGY

DOWNLOAD THE DISCUSSION PAPER HERE

Labor has released a discussion paper outlining a number of policy options the government should consider to address the growing threat of ransomware.

 

Despite the Australian Cyber Security Centre labelling ransomware as the ‘highest threat’ facing Australian businesses and government in the cyber domain, the Morrison government has no strategy for reducing the volume of these attacks on Australia.

 

In fact, while security researchers have estimated the total cost of ransomware attacks on Australia at around $1 billion a year, the responsible Minister, Peter Dutton has never even mentioned the word in Parliament.

 

According to the ACSC, the volume of ransomware attacks against Australian targets has significantly increased over the past 12-18 months as criminal gangs employ increasingly sophisticated organisational models and pressure tactics to reap record illicit profits.

 

In recent times, Australia has recently seen high impact ransomware attacks against high profile targets like Toll Group, Bluescope Steel, Lion, Spotless, Regis Healthcare, Law in Order, and regional Victorian hospitals. All too often though, playing the blame game by telling businesses it’s up to them to harden their defences has been used as a cover for government inaction in the face of this growing threat.

 

Ransomware is a jobs and investment destroyer at a time the Australian economy can least afford it.

 

It’s time for a National Ransomware Strategy aimed at reducing the number of these attacks on Australian targets. One that increases the costs and reduces the returns of ransomware campaigns targeting Australian organisations.

 

The criminal gangs running these ransomware attacks are now sophisticated operations that choose their targets carefully. There are many things an active government could do to discourage them from targeting Australian organisations.  

 

Labor’s discussion paper outlines a number of tools that could be used by government to actively try to stem the growth of ransomware attacks on Australian targets.

 

Some of the policy options considered in the discussion paper include:

  • a clear framework on offensive cyber operations against ransomware groups;
  • closing the ‘cyber enforcement gap’ by increasing the number of international law enforcement actions against ransomware groups;
  • sanctions targeting ransomware groups where enforcement isn’t possible;
  • regulating the payment of ransoms and the cryptocurrencies that give these groups anonymity, and;
  • strategies to help organisations lift their cyber defences.

 

None of the interventions identified in Labor’s discussion paper are silver bullets, but the threat of ransomware isn’t going anywhere soon and the government cannot just leave it to Australian organisations to confront this challenge alone.

 

It is time the Morrison Government actively tackled this threat and developed a National Ransomware Strategy.

 

THURSDAY, 18 FEBRUARY 2021
 
MEDIA CONTACT: KIERAN INGREY (WATTS) 0432 507 439