Thursday, 14 October 2021 11:05

Govt's ransomware action plan gets a lukewarm welcome


The Federal Government's Ransomware Action Plan has received a lukewarm welcome from security professionals, with one calling for an increased focus on prevention and adoption of advanced cyber security measures.

H. Daniel Elbaum, chairman and joint chief executive of VeroGuard, said: "Whilst the recognition of the cyber security problem in the plan is welcome, an immediate increased focus on preventing the crimes is needed and adoption of enhanced cyber security referred to by the World Economic Forum embraced."

Home Affairs Minister Karen Andrews announced the plan on Wednesday, saying that when it took effect, businesses that had an annual turnover of $10 million or more would have to report ransomware attacks.

She said the government would also introduce new criminal offences and tougher penalties. But Andrews gave no indication as to when the plan would come into force.

Elbaum said: "It makes absolutely no sense to continue doing the same thing and expect a different result. For example, a key recommendation by the Australian Cyber Security Centre to prevent ransomware includes turning on multi-factor authentication, but they also acknowledge that not all MFA are equal.

"Breaches of software-based 2FA solutions are becoming common, yet significantly ‘enhanced MFA cyber security’ solutions are already available in the market that happen to be developed, produced and run in Australia."

Elbaum said the government could be doing a lot more to enhance cyber security and protect businesses and citizens online.

He called for the implementation of measures "that would have immediate and material impact on the problem, such as mandating strong MFA rather than any MFA, integrating strong MFA and digital identity into government systems rather than vulnerable applications and biometric-based tools".

"I would like to add that a focus on sovereign solutions will also mean better control over our critical infrastructure, economic outcomes and development of high value jobs in the digital economy," he added.

Scott McKinnel, ANZ country manager at security outfit Tenable, said: "Ransomware isn't just a financial threat, but an urgent national security risk that threatens schools, hospitals, businesses, and governments across the board.

"Cyber attacks — including ransomware — are big money makers, so ultimately we need to do everything in our power to make it more difficult and less lucrative for cyber criminals. For this reason, we welcome the government's action plan.

"We believe that greater sanctions and an increase in government and industry co-operation can play a vital role in keeping Australia safe, and we look forward to more detail being released on the plan.

"Having said that, businesses can't rely on the government alone to protect them.

"It's equally important for businesses to take steps to minimise threats including fixing unpatched vulnerabilities, implementing strong security controls for remote desktop protocol, and ensuring endpoint security is up-to-date - especially in remote environments."

Kate Healy, head of Security Google Cloud AuNZ, said despite attempts to stop it, ransomware continued to affect organisations across all industries, significantly disrupting business processes and critical national infrastructure services and leaving many organisations looking to better protect themselves.

"Robust protection against ransomware (and many other threats) requires multiple layers of defence and the Australian Government's Ransomware Action Plan, along with its reforms to protecting critical infrastructure, is recognition of the need to uplift security in businesses across the economy," she said.

"We are deeply concerned by these trends. Security is the cornerstone of our product strategy, and we've spent the last decade building infrastructure and designing products that implement security at scale. Protecting against ransomware is a critical issue for all organisations, and best practices such as reporting are only the start of building a mature and resilient cyber security posture.

"It's important to remember that you can't focus on a single piece of defence; you need a comprehensive cyber security program that enables you to identify, prevent, detect, respond, and recover from threats. Above all, you need a range of solutions from a battle-tested and highly resilient cloud platform that works across these elements in an integrated way with your business."

Matthew Lowe, ANZ area vice-president for security and service management software provider Ivanti, said: "A lot of the conversations around the Ransomware Action Plan are, understandably, currently focused on the criminal offences for ransomware attackers and the mandatory reporting scheme for ransomware victims. The ‘prepare and prevent’ section of the plan outlines minor measures and updates that have, for the most part, already been captured within the announcement of the Australian Cyber Security Strategy in 2020. This has, unfortunately, diminished the importance of taking a proactive approach to mitigating the risk of ransomware.

"The threat of a hefty fine is still only effective in reducing ransomware if the risk of getting caught is high. Crime is a risk versus reward game, and this plan would need to show a quick and high success rate in fining, and fine collection from, these criminals before we will see a reduction in ransomware.

"Prevention is still the best tool in the arsenal against ransomware. Focusing on cyber education and government sponsored assistance around ransomware prevention and preparedness among businesses would be more impactful in reducing the $3.5 billion lost each year to cyber crime and the damage and pain ransomware inflicts, with almost immediate results.

"Mandatory reporting of ransomware attacks is critical, as accurate information is needed to understand the root cause, and real impact, of ransomware — information that informs some of our strongest and most effective security recommendations like the Australian Cyber Security Centre's Essential Eight. The more credible and up-to-date information the ACSC can provide to mid-sized business around the effectiveness of aligning their security policy to the Essential Eight, the greater the uptake of the framework — leading to less incidents.

"Addressing these gaps in security is a vital process for every business. With the increasing number and variance of threat vectors, companies need to understand the landscape and be proactive about preventing cyber incidents."

Nityanand Thakur, head of Cyber Security at Koenig Solutions, said: "Most ransomware attacks and ransom payments go unreported, as businesses are reluctant to disclose they were attacked. This results in a vicious cycle of funding of cyber criminals to launch further attacks.

"With ransomware attacks targeting important infrastructure such as the recent attack on the Colonial Pipeline, governments are increasingly coming under pressure to act.

"Implementing a reporting requirement is a tool that will help stem the flow of funding to these criminal organisations."


Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.
