HopgoodGanim Lawyers have recently partnered with Redwood Cyber Security to produce The Ransomware Decision Guideline.
Ransom and cyber extortion attacks have been crippling for Australian organisations, including private businesses, not-for-profit organisations and public sector departments or agencies. These attacks leave behind a host of legal, reputational and financial consequences, both for the impacted organisation itself, its stakeholders, and individuals such as current or former employees and their families, customers or service users.
The Australian Government, Australian Cyber Security Centre (ACSC) and the Department of Home Affairs are firm in their policy stance that organisations or individuals should not pay a ransom. A reality is however, that an organisation may have no option but to consider negotiating or paying if doing so would allow the business to obtain key information about the cause of a cyber incident, unlock its critical data or systems, keep the business operation, preserve confident or proprietary information from becoming public, or prevent risks to high-value personal information.
This guideline is intended to help inform your strategy on when to negotiate and when to pay, if your organisation faces a ransomware or cyber extortion event.
Discover more about our Cyber Security expertise.