Ransomware is one of the biggest security problems on the internet and one of the biggest forms of cybercrime that organisations in Australia and all over the world face today.
A new Australian Strategic Policy Institute (ASPI) report released today joins many cyber security experts calling for the Australian Government to take action to stem the tide of ransomware attacks menacing Australian business and threatening jobs.
What is Ransomware?
Ransomware is a form of malicious software – malware – that encrypts files and documents on anything from a single PC all the way up to an entire network, including servers.
Victims can often be left with few choices:
- they can either regain access to their encrypted network by paying a ransom to the criminals behind the ransomware;
- restore from backups or hope that there is a decryption key freely available; or
- start again from scratch.
Some ransomware infections start when someone happens to click on what looks like an innocent attachment. Once the attachment opens, it downloads the malicious payload onto the system and encrypts the network.
In other cases, attackers use software exploits and flaws, cracked passwords and other vulnerabilities to gain access to organisations through weak points such as internet-facing servers or remote-desktop logins.
In such cases, the attackers secretly hunt and probe through the network until they control as much as possible, before encrypting all they can. The organisations are then in their hands and face huge demands to return control of their systems.
Ransomware today has grown to become a billion-dollar-a-year cost to Australia, according to Tim Watts, Labor member for Gellibrand.
“…Labor has been leading the policy debate on how government should be responding”, Tim Watts adds, suggesting Australia should “develop a national ransomware strategy aimed at reducing the volume of these attacks and coordinating government action across policy, regulation, law enforcement, diplomacy and defence capabilities.”
In February 2021, Labor released a discussion paper ‘Beyond the Blame Game: Time For a National Ransomware Strategy’ on the issue.
Tim Watts says the new report by the Australian Strategic Policy Institute, ‘Exfiltrate, encrypt, extort: The global rise of ransomware & Australia’s policy options’, in its recommendations “echoes Labor’s calls for both a national ransomware strategy and a mandatory ransom notification scheme.”
“A mandatory notification scheme designed to collect actionable threat intelligence on ransomware incidents for law enforcement, signals intelligence and policy makers should be the foundation of such a national ransomware strategy”, emphasises Tim Watts.
Labor recently introduced a Private Members Bill in the Parliament to establish such a scheme.
Accusing the Morrison government of inaction on the issue, Tim Watts says the government has “missed every opportunity to take the basic actions needed to combat this threat.”
Only last week, Australia’s biggest meat and food processing company, JBS Foods, was among a number of Australian firms affected by the biggest global ransomware attack on record, suspected to have been executed by the same Russian-linked gang which hit.
The Australian Cyber Security Centre, part of Australian Signals Directorate, confirmed the attack had spread into local firms.
“As of 5 July 2021, the ACSC has received reporting of this incident impacting Australian organisations and are working with victims to assist and to better understand the extent of impact,” the agency said.
Clearly, Australian businesses are pitted against increasingly sophisticated and well-resourced cyber-criminals and face real danger while conducting their normal, legitimate enterprises. Already marred by the pandemic, the businesses can ill afford any more flogging and need to be buttressed to help them survive.