The Australian government has long advised ransomware victims against paying ransoms, arguing that doing so does not guarantee receiving a decryption key and only encourages further criminal activity. However, recognizing that ransom payments might be unavoidable in some situations, Canberra is preparing to introduce legislation requiring businesses to disclose any ransom payments made to criminals.
Under the new law, which will be implemented in a digital and systematic manner, affected businesses will be required to report their ransom payments to the government. This move aims to enhance transparency and allow authorities to monitor such transactions more effectively.
Recent months have seen a significant increase in ransomware attacks targeting large telecom companies, private healthcare providers, and financial institutions. To combat this trend and aid law enforcement in tracking ransom payments, the Albanese- led government will mandate that companies disclose any such payments starting in September this year.
Previously, there were efforts to ban cryptocurrency payments to criminals by 2022. However, due to the decentralized nature of cryptocurrencies and the lack of centralized governance, enforcing a ban on blockchain-based transactions has proven challenging. Despite attempts by security analysts and international law enforcement agencies like the FBI and Europol to track these transactions using blockchain analysis tools, the increasing sophistication of cybercrime has made monitoring difficult.
To address this, the Australian government has decided to make ransom payments public. This measure aims to inform other companies about ransomware activity and strengthen their defenses against such attacks. Additionally, it will help cyber teams track and potentially seize assets converted into fiat currency, thereby tracing criminal activities through financial channels.
The Australian government hopes this new approach will be effective in curbing cybercrime and improving overall cybersecurity.
