BACKGROUND:
News has broken that a bill has been introduced into the Australian House of Representatives that requires organisations to disclose when they make ransomware payments. The Ransomware Payments Bill 2021 was introduced on Monday by Labour Shadow Assistant Minister for Cyber Security Tim Watts, who said there was an “urgent need for this bill”.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
<p>Considering we have seen an onslaught of attacks targeting various nation states around the world, it is certainly good to see the Australian government taking ransomware seriously. What this regulation may do is dissuade organisations from paying the ransom. Interestingly, <a href=\"https://info.deepinstinct.com/tof/voice-of-secops-2021?_ga=2.55281644.618908134.1624272586-621365453.1615554129&_gac=1.84994667.1623832870.CjwKCAjwwqaGBhBKEiwAMk-FtODWSj7IzyNXLypF8-UYigtDECEbULBOMh899p_RuSEjDxKxaeprtxoCI4sQAvD_BwE\" data-saferedirecturl=\"https://www.google.com/url?q=https://info.deepinstinct.com/tof/voice-of-secops-2021?_ga2.55281644.618908134.1624272586-621365453.1615554129_gac1.84994667.1623832870.CjwKCAjwwqaGBhBKEiwAMk-FtODWSj7IzyNXLypF8-UYigtDECEbULBOMh899p_RuSEjDxKxaeprtxoCI4sQAvD_BwE&source=gmail&ust=1624539751128000&usg=AFQjCNHweTxhPhudgl-mrWFlMBovMbrUpQ\"> recent research</a> has found that 66% of IT and security leaders believe that paying ransom should be made illegal. With regulations such as this one, it may be one of the ways to make organisations think twice before they pay the ransom, and before further regulations such as making ransomware payments illegal, are considered.</p>
<p> </p>
<p>However, regulations only go so far. The onus should always be on technology that actually prevents ransomware attacks, rather than mitigating them once they have already taken hold. Organisations need to invest in solutions that use technology such as deep learning which can deliver a sub-20 millisecond response time to stop a ransomware attack, pre-execution, before it can take hold. This is the only way that organisations can truly stop ransomware attacks, and therefore having to pay ransom.</p>
<p>The Ransomware Payments Bill 2021 is an important and highly positive first step in tackling the continued proliferation of these attacks, and helping to mitigate the impact they are having on the economy and society. The information Australian Firms are being asked to disclose is essential to helping a build a greater threat intelligence pool, and is a forward looking initiative that will both better inform law enforcement, organisations and the cyber security community, while also aiding in planning effective defences. Combating ransomware is a collective effort, and this Bill is an important step in encouraging that cooperation.</p>
<p> </p>
<p>I would expect that over the next 12 months we will see many more governments issue legislation that are targeted at combating ransomware. It’s no surprise that the Australian Government and the UK (with the proposed enhancements to the Computer Misuse Act) have picked up the baton so quickly after the White House Exec Order, given the strong Cyber Security collaboration between those governments. The impact of bills such as this which are largely around information disclosure / sharing should help increase awareness and improve defences, so the hope that is indirectly they contribute to fewer and smaller ransom payments – driven by the fact that such payments can no longer be hidden away.</p>
<p> </p>
<p>The Bill doesn’t penalise an organisation for paying a ransom – rather it encourages / forces them to share this information so that the wider community is aware and can look to prevent this particular instance from repeating itself. Ultimately an organisation needs to be able to continue to function – so it needs to have confidence that it can recover fully and safely without needing to pay-out. Only when this confidence level is reached can it safely take the “pay ransom” option off the table. Till then, ransom payments will remain an (ideally last) option.</p>