As part of its Ransomware Action Plan the Government has announced legislative reforms. Background.
The Australian Government’s policy is that it does not condone paying ransoms to cybercriminals. It says there is no guarantee that the payment will lead to your data being recovered, that the data won’t be on-sold, or that you will not be attacked again
The proposed changes include
— Introducing a specific mandatory ransomware incident reporting to the Australian Government
— Introducing a stand-alone offence for all forms of cyber extortion
— Introducing a stand-alone aggravated offence for cybercriminals seeking to target critical infrastructure (as proposed to be regulated by the Security Legislation Amendment (Critical Infrastructure) Bill 2020).
If you found this article helpful, then subscribe to our news emails to keep up to date and look at our video courses for in-depth training. Use the search box at the top right of this page or the categories list on the right hand side of this page to check for other articles on the same or related matters.
Author: David Jacobson
Principal, Bright Corporate Law
Email:
About David Jacobson
The information contained in this article is not legal advice. It is not to be relied upon as a full statement of the law. You should seek professional advice for your specific needs and circumstances before acting or relying on any of the content.