Push to ban ransomware payments following Australia’s biggest cyber attack
The Australian government is being pushed to ban the payment of cyber ransoms, usually demanded in cryptocurrency, following a local business suffering a mass data breach and subsequent ransom demand.
Australian financial institution Latitude Financial first announced on March 16 that it was hit by a cyber attack and provided an update on April 11 indicating that it received a ransom demand that it’s refusing to pay:
“In line with advice from cybercrime experts, Latitude strongly believes that paying a ransom will be detrimental to our customers and cause harm to the broader community by encouraging further criminal attacks.”
The attack resulted in around 7.9 million Australian and New Zealand driver’s license numbers being stolen, in addition to 6.1 million customer records, 53,000 passport numbers, and 100 customer financial statements.
The Australian government’s lead cybersecurity agency, the Australian Cyber Security Centre (ACSC), currently recommends that victims of ransomware attacks never pay a ransom, since there is no guarantee that the attackers will restore access or return the stolen information rather than selling or leaking it online.
The ACSC’s tips on responding to a ransomware attack. Source: ACSC
Despite the recommendation, there is currently no law prohibiting firms from paying ransoms, and the latest attack on Latitude has prompted many in the Australian tech industry to call for new rules that would outlaw such payments.
Wayne Tufek, the director of cybersecurity firm CyberRisk, noted in comments on April 11 to local media outlet The Australian that “making ransom payments illegal would act as a deterrent for criminals to continue attacks if they know that they won’t be paid large sums of money.”
The director of technology law firm Biztech Lawyers, Andrew Truswell, also told The Australian that a law restricting ransom payments should be considered.
Cyber Security Minister Clare O’Neil is currently weighing whether ransom payments should be made illegal, following suggestions from a review of Australia’s cybersecurity strategy led by Andy Penn, the former CEO of telco firm Telstra.
Cyber criminals cheat, lie and steal. Paying them only fuels the ransomware business model.
They commit to undertaking actions in return for payment, but so often re-victimise companies and individuals.
— Clare O’Neil MP (@ClareONeilMP) April 11, 2023
The ACSC suggests that Australia is particularly attractive to cybercriminals due to its prosperity, with Australians often cited as having the highest median wealth per adult in the world.
Cryptocurrency has long been accused of facilitating ransomware attacks, as attackers often demand payment in crypto because transfers are borderless, cannot be reversed by a bank or payment processor, and can be moved through services that obscure who ultimately receives the funds.
One of the ways in which crypto facilitates ransomware is through the use of mixing services such as Tornado Cash, which pool deposits from many users so that the on-chain link between the sender and the final recipient is obscured. Transactions on public blockchains are pseudonymous rather than anonymous, however: the ledger itself is fully visible, so mixers hide the trail rather than erase it, and blockchain analytics and sanctions against mixing services have made laundering ransom proceeds harder than it once was.
At a Feb. 28 United States Senate Banking Committee hearing, a former deputy national security adviser for international economics in the Biden administration, Daleep Singh, suggested that “digital assets are essential to the business model of ransomware,” with “close to 100%” of cyber attackers paid off using crypto.