The Australian Cyber Security Centre's Annual Cyber Threat Report finds ransomware remains one of the most disruptive threats to Australian organisations.
The report highlights the key cyber threats affecting Australian systems and networks and uses trend analysis to describe the nature, scale, scope and impact of malicious cyber activity affecting Australian networks. With over 67,500 reports of cybercrime received in the 2020–21 financial year alone, sophisticated ransomware attacks were alarmingly found to be on the rise.
With the impact of ransomware attacks deemed as "in the realm of catastrophic" by Australian Signals Directors (ASD) Director-General, Rachel Noble, we urge all businesses to seek support to ensure their cyber defences are prepared for potential ransomware attacks.
Assistant Minister for Defence, the Hon Andrew Hastie MP, says the Government is tackling cybercriminals head-on to support Australian organisations and individuals from cyber compromise.
“The government is taking action, and we have introduced legislations to ensure that in the event of a large-scale cyber attack on our critical infrastructure, our cyber and law enforcement agencies are empowered to provide greater and more immediate support to the victims,” Mr Hastie said.
Assistant Minister Hastie goes on to note that "ransomware is one of the most damaging types of cyberattacks, which can have severe and long-lasting impacts on Australian organisations and their operations. But prevention is better than cure, and with cyber security, the best offence is often a strong defence."
The ACSC has published a ransomware Prevention and Protection Guide, with steps on how businesses can protect themselves from ransomware, including:
When US security firm Crowdstrike surveyed senior Australian IT professionals for its 2020 Global Security Attitude Survey, it found 33 per cent of those who admitted to falling victim to a ransomware attack said they paid the ransom.
The ACSC advises against paying a ransom. Doing so does not guarantee a victim’s files will be restored, nor does it prevent the publication of any stolen data, or it being sold for use in other crimes. Along with increasing the likelihood of a victim being targeted again, each ransom payment also bolsters the viability of the ransomware market and puts other Australian organisations at greater risk.
Irrespective of the decision to pay a ransom, all victims are strongly encouraged to report ransomware-related cybercrime and cyber security incidents to the ACSC. Sharing technical and contextual information about an incident helps to protect other potential victims, supports efforts to disrupt criminal operations and enables the ACSC to implement measures to reduce ransomware targeting against Australia.
Diamond IT's online or face-to-face Cybersecurity Awareness Training and Cybersecurity Healthcheck can have an immediate impact on the strength of your security. We can help you ensure your staff education programs are fit for purpose and align with best practice.
Our Business Technology Managers (BTMs) and Business Technology Consulting team are specialists in improving your internal cybersecurity and are ready to speak with you. Contact our team on 1300 307 907 today.