Australia has introduced new regulations mandating the reporting of ransomware and cyber extortion payments by businesses meeting specific criteria. The legislation aims to improve threat intelligence and strengthen cybersecurity defenses across the country. #AustralianSignalsDirectorate #RansomwareReporting
Keypoints
- Businesses with an annual turnover of $3 million AUD or more must report ransomware payments.
- All critical infrastructure organizations are classified as reporting entities under this legislation.
- Payments, including non-monetary benefits, must be reported within 72 hours of being made.
- Reports should detail the cybersecurity incident, attacker demands, contact info, and ransom amount.
- The Australian Signals Directorate will use these reports to understand threat actor behavior and cyber threats.
Read More: https://www.securityweek.com/australia-enforces-ransomware-payment-reporting/