Australia mandates reporting of ransomware payments

If your business is based in Australia and becomes the victim of a ransomware attack, there’s a crucial change in the law that you need to be aware of. Starting from May 30, 2025, if you decide to pay a ransom, you will be legally required to report the incident to the government within 72 hours.

This new requirement is part of the Cyber Security Act, which mandates that all organizations must report ransomware attacks and any ransom payments made. The law was introduced by the Australian Signals Directorate through the Australian Cyber Security Centre (ACSC) and is designed to improve the government’s ability to respond to cyber threats.

While the law does not prevent organizations from paying a ransom, it does require them to report any payment to the government promptly. The goal is to help authorities track and understand cybercrime trends, assess risks, and advise affected businesses on how to recover from the attack.

Who Does This Law Apply To?

This law applies to businesses and organizations in Australia with an annual turnover of $3 million or more. It also extends to public entities responsible for critical infrastructure.

Keep in mind that payments made in decentralized currencies like Bitcoin are hard to track directly. However, by reporting these payments in a timely manner, the government can gain valuable intelligence to understand the scope of the attack, track possible criminals, and offer guidance on how to handle the situation.

Intelligence-sharing between government agencies and international law enforcement can help in tracking down cybercriminals, although this process often requires significant time and collaboration.

Should You Pay the Ransom?

Whether or not to pay the ransom is a difficult decision that depends on the circumstances. If you have a reliable backup system in place, you may be able to restore your data quickly, avoiding the need to pay the ransom. However, in many cases, data recovery can be time-consuming or even impossible, leading to significant downtime and financial losses.

In such scenarios, paying the ransom might seem like the only viable option, especially if it’s the fastest way to recover operations. But there’s a major risk involved—there’s no guarantee that paying the ransom will result in receiving a decryption key, and by doing so, you may inadvertently fuel further criminal activity.

Ultimately, businesses will need to weigh the potential costs and risks, both financial and ethical, when deciding whether or not to pay a ransomware demand.
