SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Australia pledges no ransom payments for cyber attacks at CRI Summit
Sat, 4th Nov 2023

The Australian Government has formally pledged not to pay ransom demands stemming from cyber attacks. This commitment was made at the recent Counter Ransomware Initiative (CRI) Summit in San Francisco. Developed by the U.S. in 2021, the CRI and its associated pledge have been embraced by Australia as a chance to express their commitment to tackling global cybercrime.

Not only has Australia signed the pledge but has taken an active role in the CRI's operations. The Minister for Home Affairs, Clare O'Neil MP, has chaired the initiative's International Counter Ransomware Task Force since its inception 12 months prior. The initiative and its commitment to not pay ransoms apply only to government bodies and does not extend to private sector industries.

Oakley Cox, Cybersecurity Analyst and Technical Director for Darktrace, a global leader in AI-powered cybersecurity, commented on the pledge. He stated: "Yesterday's pledge commits the governments of signatory countries, including Australia, to not pay ransoms to cybercriminals. While the pledge does set an example and provide a united front against the gangs, given the bulk of ransomware attacks target small and medium-sized businesses, the pledge is unlikely to result in a major disruption to the operations and revenue of cybercriminals."

Cox acknowledged that the cost of cyber-attacks for companies often exceeds the monetary price of the ransom, citing the case of the HWL Ebsworth attack as an example. The law firm did not pay the ransom demanded by the ALPHV/BlackCat ransomware group, with a coordinated response involving the Australian Cybersecurity centre (ACSC), Federal and State law enforcement, and the newly minted National Cyber Security Coordinator.

While the CRI's commitment to not paying ransoms is a welcome approach, Cox maintained that more efforts need to be made to prevent cyber attacks from occurring in the first place. He added: "While the CRI is a welcome signal for the world to not pay ransoms in ransomware attacks, which will in the long run negate much of the financial benefit of these attacks to hackers, it does still focus on what to do after the attack. Meaning the organisations have already been infiltrated. We would've liked to have seen the Summit also focus on how to stop these attacks occurring. Private sector and government organisations alike can still do much more to protect themselves and keep the publics data safe."