Discussion Papers

Time For A National Ransomware Strategy

February 17, 2021


Australia urgently needs a National Ransomware Strategy. 

Despite the Australian Cyber Security Centre labelling ransomware as the ‘highest threat’ facing Australian businesses and government in the cyber domain, the Morrison government has no strategy for reducing the volume of these attacks on Australia.

In fact, while security researchers have estimated the total cost of ransomware attacks on Australia at around $1 billion a year, the responsible Minister, Peter Dutton, has never even mentioned the word in Parliament.

According to the ACSC, the volume of ransomware attacks against Australian targets has significantly increased over the past 12-18 months as criminal gangs employ increasingly sophisticated organisational models and pressure tactics to reap record illicit profits.

In recent times, Australia has seen high-impact ransomware attacks against high-profile targets like Toll Group, Bluescope Steel, Lion, Spotless, Regis Healthcare, Law in Order, and regional Victorian hospitals. All too often though, playing the blame game has been used as a cover for government inaction in the face of this growing threat.

Ransomware is a jobs and investment destroyer at a time when the Australian economy can least afford it.

It’s time for a National Ransomware Strategy aimed at reducing the number of these attacks on Australian targets. One that increases the costs and reduces the returns of ransomware campaigns targeting Australian organisations.

The criminal gangs running these ransomware attacks are now sophisticated operations that choose their targets carefully. There are many things an active government could do to discourage them from targeting Australian organisations.  

Labor’s discussion paper outlines a number of tools that could be used by government to actively try to stem the growth of ransomware attacks on Australian targets.

Some of the policy options considered in the discussion paper include:

  • a clear framework on offensive cyber operations against ransomware groups;
  • closing the ‘cyber enforcement gap’ by increasing the number of international law enforcement actions against ransomware groups;
  • sanctions targeting ransomware groups where enforcement isn’t possible;
  • regulating the payment of ransoms and the cryptocurrencies that give these groups anonymity; and
  • strategies to help organisations lift their cyber defences.

None of the interventions identified in Labor’s discussion paper are silver bullets, but the threat of ransomware isn’t going anywhere soon and the government cannot just leave it to Australian organisations to confront this challenge alone.

It is time the Morrison Government actively tackled this threat and developed a National Ransomware Strategy.