Govt must help business tackle ransomware

Tim Watts

Maksim Yakubets cuts quite the figure driving his custom fluoro camouflage Lamborghini through the streets of Moscow.

According to indictments filed in the United States, Yakubets could live this lifestyle thanks to his role in the international ransomware gang, ‘Evil Corp’, which is estimated to have extorted about US$100m ($128m) from businesses and individuals around the world.

The United States sanctions payments of ransoms to Evil Corp, but there is no equivalent restriction in Australia.

In fact, despite ransomware being described by the Australian Cyber Security Centre as the biggest cyber threat facing Australia, there’s no dedicated government strategy for tackling this rapidly growing crime that brings in big bucks for international criminals at the expense of Australian businesses and consumers.

Ransom guy: Evil Corp’s Maksim Yakubets on the streets of Moscow. Photo: UK National Crime Agency

Australia has recently seen high impact ransomware campaigns against high profile targets like Toll Group, Bluescope Steel, Lion, Spotless, Regis Healthcare, Law in Order, and regional Victorian hospitals.

The Australian government does not currently collect statistics about the impact of ransomware, but analysis by security firm Emsisoft in 2020 estimated its total annual cost to the nation at a minimum of US$270 million (AU$348 million) and a best estimate of US$1.1 billion (AU$1.4 billion).

The rapidly growing costs of successful attacks on targeted entities – in downtime, remediation, ransoms and supply chain interruptions – combined with the growing costs to all organisations of defending themselves against these attacks is an unsustainable burden on the nation.

Ransomware is a jobs and investment destroyer at a time when the nation can least afford it.

While individual organisations will always have the primary responsibility for taking the necessary steps to protect their IT systems from cyber threats, too often, blaming the victim becomes a cover for government inaction.

It is past time that the Morrison government developed a dedicated National Ransomware Strategy that actively sought to reduce the number of ransomware attacks targeting Australia.

The evolution of ransomware gangs into sophisticated, well-resourced organised crime groups presents both a challenge and an opportunity.

The emergence of so-called ‘big game hunting’ ransomware gangs that carefully research and select their targets to maximise the returns of attacks has increased the costs of ransomware.

But this sophistication has also created the opportunity for new government strategies aimed at deterring these attacks.

We know from interviews with these gang members and from the advertisements they post seeking affiliates that these gangs are aware of the differences in security practices, regulations and law enforcement practices in different nations. We can use this to our advantage as a nation.

A National Ransomware Strategy that sought to increase the costs and reduce the returns of ransomware campaigns against Australian organisations could send a message to ransomware gangs that Australian targets aren’t worth the effort.

As the United States has done with Evil Corp and Mr Yakubets, one of the policy levers government could use as part of such a strategy is regulating the payment of ransoms.

Ransom payments are the lifeblood of ransomware campaigns. More payments beget more attacks. On the other hand, if Australia became known as a jurisdiction where it was hard to get paid, ransomware gangs may choose to select targets elsewhere.

In recent months, the former Directors of both the US Cybersecurity and Infrastructure Security Agency and the UK National Cyber Security Centre have each called for the serious consideration of banning ransom payments in their respective countries.

Australia should have this debate too as part of a broader discussion about the potential tools available to government to convince ransomware gangs that there’s no return on investment from targeting Australian organisations.

Labor has released a discussion paper that canvasses a range of tools government could employ as part of a National Ransomware Strategy to shape the target selection of ransomware gangs and ultimately to reduce the number of attacks targeting Australian organisations.

None of the potential interventions identified in Labor’s discussion paper are silver bullets. But the threat of ransomware isn’t going anywhere soon and the government cannot leave it to Australian organisations to confront this challenge alone.

It is time the Morrison Government took this threat seriously and developed a National Ransomware Strategy.

Tim Watts is Labor’s Shadow Assistant Minister for Cyber Security and the federal Member for Gellibrand.
