At the Counter Ransomware Initiative (CRI) Summit in San Francisco yesterday, the Australian government joined international allies and partners in pledging not to pay ransom demands related to cyber-attacks.
The 50 members of the International Counter Ransomware Initiative (CRI) include Albania, Australia, Austria, Belgium, Brazil, Bulgaria, Canada, Colombia, Costa Rica, Croatia, the Czech Republic, the Dominican Republic, Egypt, Estonia, the European Union, France, Germany, Greece, India, INTERPOL, Ireland, Israel, Italy, Japan, Jordan, Kenya, Lithuania, Mexico, the Netherlands, New Zealand, Nigeria, Norway, Papua New Guinea, Poland, Portugal, the Republic of Korea, Romania, Rwanda, Sierra Leone, Singapore, Slovakia, South Africa, Spain, Sweden, Switzerland, Ukraine, the United Arab Emirates, the United Kingdom, the United States, and Uruguay.
The initiative, set up by the US in 2021, has been used by Australia as a way of demonstrating its commitment to tackling cybercrime on the international stage. The Australian Government has been front and centre of the CRI, with the Minister for Home Affairs Clare O’Neil MP chairing the initiative’s International Counter Ransomware Task Force since its formation 12 months ago.
The pledge commits the governments of signatory countries, including Australia, to not pay ransoms to cybercriminals. It should be noted that this commitment only applies to government agencies and not the countries’ private industries.
While the pledge sets an example and presents a united front against the gangs, the bulk of ransomware attacks target small and medium-sized businesses, so it may not result in a major disruption to the operations and revenue of cyber criminals. It does, however, help all players understand that payments, in crypto or otherwise, will not be made by Government agencies.
A recent example of a ransomware attack is the HWL Ebsworth attack. The attack saw ransomware group ALPHV/BlackCat steal data from the law firm, impacting up to 65 Australian Government agencies and the big four banks. HWL Ebsworth received 16 weeks of government assistance before it was determined that the firm no longer needed it.
In the attack, approximately 1.4TB of the stolen data appeared on the dark web after the ransom wasn’t paid.
What can businesses do to protect themselves from ransomware attacks?
There are a number of things businesses can do to protect themselves from ransomware attacks, including:
- Educate your employees about ransomware. Make sure your employees know what ransomware is and how to spot it.
- Keep your software up to date. Software updates often include security patches that can help protect you from known ransomware attacks.
- Back up your data regularly. If you do get hit by a ransomware attack, having regular backups of your data will allow you to restore your systems without paying the ransom.
- Use strong passwords and multi-factor authentication. Strong passwords and multi-factor authentication can help to prevent attackers from gaining access to your systems.
- Implement the ASD Essential 8. The Australian Signals Directorate has assembled a list of the 8 most important things businesses can do to help protect their systems and data.