Australia Considers Ban on Ransomware Payments After Medibank Breach

The Australian government announced over the weekend it is considering banning ransomware payments in response to the Medibank data breach.

The group behind the hack has been linked by the Australian Federal Police (AFP) to Russian cyber-criminals with connections to the REvil cyber gang, allegedly dismantled by Russia's Federal Security Service earlier this year.

Now, the Australian government is suggesting making ransomware payments illegal to decrease the profitability of data breaches for criminal organizations.

Australia's home affairs minister Clare O'Neil made the announcement on ABC television on Sunday, confirming a new cyber-policing model between the AFP and the Australian Signals Directorate to deliver "new tough policing" on cybercrime.

Roughly 100 officers will be part of the new partnership that would act as a joint standing operation against cyber-criminals.

However, according to Jordan Schroeder, managing CISO at Barrier Networks, the idea of a task force is insufficient to ensure protection against ransomware attacks in Australia, particularly at a time of sustained cyber-attacks against companies in the country.

"The Medibank breach has taken Australia by storm, so it is not surprising the government is analyzing how to handle cyber incidents moving forward, but isolated knee-jerk responses will only make the problem worse," Schroeder told Infosecurity.

"Furthermore, making ransomware payments illegal in one jurisdiction could push the payment of ransomware underground, which will hide these crimes and make coordinated responses with law enforcement difficult, or it could even force companies to use third parties in other jurisdictions to make payments on their behalf, which will not solve the problem."

Instead, the executive suggested the Australian government should consider what the criminals would do in response to such regulations, not just how to punish the victims trying to recover from data breaches.

"Countries, cybersecurity experts, ISPs, and cyber insurers need to work on a collective approach to tackle this global and wide-ranging issue," Schroeder added.

More generally, the security expert said that a better focus for the Australian government could be on equipping organizations with better defenses against ransomware.

"This would include raising awareness around cybercrime techniques and introducing legislation on minimum cybersecurity requirements for businesses."

The announcement comes weeks after Deep Instinct published its latest cyber-threat report suggesting 2022 has been another record year for cyber-criminals and ransomware gangs.

What’s Hot on Infosecurity Magazine?