IT disaster recovery, cloud computing and information security news

Home Affairs Minister, Clare O’Neil, has told ABC News that the Australian Government is looking at making ransom payments in response to ransomware attacks illegal.

Commenting on this Kevin Bocek, Vice President, Security Strategy & Threat Intelligence at Venafi, told Continuity Central:

“The proposal from the Australian Government on banning ransomware payments is sound as it’d hit ransomware operators where it hurts – their wallets.

“However, the harsh reality is that even if businesses pay ransoms, there is no guarantee that their data will be returned as hackers are increasingly following through with extortion threats regardless. We surveyed 1500 security professionals last year to find out their attitude towards paying ransoms. 35 percent of ransomware victims who paid the ransom were unable to recover their data, and 18 percent of ransomware victims who paid the ransom had their data exposed on the dark web. Paying ransoms is clearly no longer the fail-safe it once was, so businesses should use this proposed law as a wake-up call to address the problem at its root and strengthen their security posture.

“It's also worth bearing in mind that if ransom payments are banned, this won’t end cybercrime, as it will force threat actors to change their tactics. Ransomware gangs will target other locations without regulations in place, or they may try alternative methods of generating revenue. Selling stolen machine identities, such as code-signing certificates, is a potential pivot. We’ve seen these sell for significant value on the dark web, and threat groups like Lapsus$ regularly use them to carry out devastating attacks.”


Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.