Individuals and organisations have been urged to secure their data in a secondary storage device to mitigate against rising ransomware risks.
Assistant Minister for Defence Andrew Hastie has urged stakeholders to back-up critical data as a safeguard against growing incidents of ransomware attacks.
According to the assistant minister, the Australian Cyber Security Centre (ACSC) continues to receive new reports of malicious activity from cyber criminals looking to exploit vulnerable individuals and organisations.
“Backups are one of the best ways to build resistance against ransomware, making it much harder for cyber-criminals to hold Australians to ransom,” Assistant Minister Hastie said.
“Regularly backing up your data and keeping it off your network on a USB or in the cloud will make it faster and easier to restore your important files if they ever become lost, stolen, or compromised.
“In the case of ransomware, it may not be possible to recover data and get your business or projects back up and running without backups stored offline.”
The spike in ransomware activity has prompted the federal Labor opposition to reintroduce the Ransomware Payments Bill 2021 in the Senate after the bill failed to progress the first time.
Businesses and government agencies will be required to notify the ACSC before making a ransomware payment in response to a cyber attack if the bill is passes.
First introduced by shadow assistant minister for cyber security Tim Watts in June, the bill is a response to a recommendation by US-based think tank the Institute for Security and Technology and former director of the US Cybersecurity and Infrastructure Security Agency (CISA) Chris Krebs.
In May, Home Affairs boss Mike Pezzullo raised the prospect of mandatory reporting requirements for organisations that are attacked or extorted by cyber criminals at Senate estimates, and the government’s own Cyber Security Advisory Committee, chaired by Telstra CEO Andrew Penn, recommended a clearer policy position on ransomware payments be developed just last month.
Reportedly, Home Affairs Minister Karen Andrews is “already exploring” a mandatory reporting scheme, but believes that any scheme should be backed by public awareness campaigns.
The government has also been asked to review cyber insurance regimes to understand their efficacy in mitigating cyber attacks.