Australian cybersecurity experts are calling for more aggressive government action to protect businesses from ransomware attacks. Experts have warned a "tsunami of cybercrime" has cost the global economy about $743 billion.
Big companies can be attractive targets for cybercriminals who can extort millions of dollars after stealing sensitive commercial information.
The Cybersecurity Cooperative Research Centre is a collaboration between industry representatives, the Australian government and academics.
Its chief executive, Rachael Falk, believes Australia is an easy target for hackers because cyber defenses can be weak.
“More often than not, it is by sending an email where an employee clicks on a link,” she said. “They get into that organization, they have a good look around and they work out what is valuable data here that we can encrypt, which means we lock it up and we will take a copy of it. And then we will encrypt all the valuable data in that organization and then we will hold them to ransom for money. So, it is a business model for criminals that earns them money.”
The consequences for businesses can be extreme. They can lose valuable data, or have it leaked or sold by cyberthieves. In some cases, hackers can disable an organization’s entire operation. In March, a cyberattack disrupted broadcasts by Channel Nine, one of Australia's most popular commercial television news networks. It sought help from the Australian Signals Directorate, a government intelligence agency.
Researchers want the government to require Australian companies to tell authorities when they are being targeted.
They also want clarity on whether paying ransoms is legal. Experts have said Australian law does not make it clear whether giving money to hackers is a criminal offense.
There is also a call for the government to use tax incentives to encourage Australian businesses to invest in cybersecurity.
Last year, federal government agencies said China had been responsible for a series of cyberattacks on Australian institutions, including hospitals and state-owned companies.