The Australian government is being pressured to ban the payment of cyber ransoms, normally demanded in cryptocurrency, after a local company suffered a massive data breach and subsequent ransom demand.
the australian moneylender Latitude Financial first announced on March 16 that it had suffered a cyberattack and on April 11 updated the information indicating that it had received a ransom demand that it refused to pay:
“In line with the advice of cybercrime experts, Latitude strongly believes that paying a ransom will be detrimental to our customers and cause harm to the community at large by encouraging further criminal attacks.”
The attack resulted in the theft of some 7.9 million Australian and New Zealand driving license numbers, as well as 6.1 million customer records, 53,000 passport numbers and 100 customer financial statements.
The Australian government’s main cybersecurity agency, The Australian Cyber Security Center (ACSC) currently advises victims of ransomware attacks never to pay a ransom, as there are no guarantees that the information will be returned rather than sold on the internet.
Despite the recommendation, there is currently no law that prohibits companies from paying ransoms, and the latest attack on Latitude led many in the Australian tech industry to call for new rules banning it.
Wayne Tufek, director of the cybersecurity company CyberRisk, told The Australian that “Making ransom payments illegal would deter criminals from continuing attacks if they know they are not going to collect large sums of money.”
The director of the technology law firm Biztech Lawyers, Andrew Truswell also told The Australian that legislation restricting ransom payments should be considered.
Cybersecurity Minister Clare O’Neil is considering making ransom payments illegal, following suggestions from a review of Australia’s cybersecurity strategy led by Andy Penn, former CEO of telecommunications company Telstra.
Cybercriminals cheat, lie and steal. Paying them only fuels the ransomware business model.
They commit to undertaking actions in return for payment, but so often re-victimize companies and individuals.
— Clare O’Neil MP (@ClareONeilMP) April 11, 2023
Cybercriminals cheat, lie, and steal. Paying them only feeds the ransomware business model. They promise to take action in exchange for payment, but often re-victimise companies and individuals.
The ACSC suggests that Australia is especially attractive to cybercriminals due to its prosperityas Australians are often cited as having the highest average wealth per adult in the world.
Cryptocurrencies have long been accused of facilitating ransomware attacks, as attackers often demand payment in cryptocurrency. to anonymize funds and transfer them to foreign countries.
One of the ways that cryptocurrencies facilitate ransomware is through their ability to anonymize funds through the use of mixing services like Tornado Cash.
In an appearance before the United States Senate Banking Committee on February 28, Daleep Singh, former deputy national security adviser for international economics in the Biden administration, claimed that “digital assets are essential to the ransomware business model,” and that “nearly 100%” of cyber attackers get paid using cryptocurrency.
Clarification: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information presented here should not be taken as financial advice or investment recommendation. All investment and commercial movement involve risks and it is the responsibility of each person to do their due research before making an investment decision.
Keep reading:
Investments in crypto assets are not regulated. They may not be suitable for retail investors and the entire amount invested may be lost. The services or products offered are not directed or accessible to investors in Spain.