The Australian government is considering banning online ransom payments in the form of cryptocurrencies following a major data breach by a local company and subsequent ransom demands.
Australian financial institution Latitude Financial announced on March 16 that it had been the target of a cyber attack and provided an update on April 11 that it had received a ransom demand that it refused to pay.
Based on the advice of cybercrime experts, Latitude believes that paying the ransom is detrimental to our customers and will encourage further criminal attacks on the wider community,” the company said. The attack resulted in approximately 7.9 million Australian and New Zealand driver’s license numbers, 610 Ten thousand customer records, 53,000 passport numbers and 100 customer financial statements were stolen. The Australian Cyber Security Center (ACSC), the country’s main cybersecurity agency, currently advises victims of ransomware attacks to never pay the ransom, as there is no guarantee the information will be returned rather than sold online.
The decision to ban the use of cryptocurrencies to pay for online ransoms comes as governments and organizations around the world grapple with the growing threat of ransomware attacks. Ransomware is a type of malware that encrypts a victim’s data, making it inaccessible until a ransom is paid, usually in the form of a cryptocurrency such as Bitcoin. Cybercriminals often need large sums of money, and the use of cryptocurrencies provides them with a level of anonymity that makes it difficult for law enforcement agencies to trace funds.
The Australian government has proposed a ban on online ransom payments in cryptocurrencies, aimed at disrupting ransomware attackers’ business models and preventing them from targeting Australian entities. By removing the option to pay ransoms in cryptocurrencies, the government hopes to reduce the financial incentives for cybercriminals and make them less profitable to carry out ransomware attacks.
However, the proposed ban on the use of cryptocurrencies to pay for online ransoms has also raised concerns among some experts. While it may prevent victims from paying the ransom, there are concerns that it may also have unintended consequences.
Some believe that banning cryptocurrency payments could prompt cybercriminals to seek alternative payment methods or use other methods to extort money from victims, such as selling stolen data on the dark web or conducting other types of cyberattacks. Additionally, there are concerns that the ban could affect legitimate uses of cryptocurrencies, such as businesses that rely on cryptocurrencies for legitimate transactions or individuals who use cryptocurrencies for financial privacy reasons.
In addition to proposing to ban the use of cryptocurrencies to pay for online ransoms, the Australian government has taken other steps to strengthen its cybersecurity defenses. This includes investing in cybersecurity infrastructure, increasing cybersecurity awareness and education, and increasing collaboration among government agencies, law enforcement, and the private sector to better respond to and prevent cyberthreats.