fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Australia To Tackle Ransomware Data Breaches By Deleting Stolen Files

Australia To Tackle Ransomware Data Breaches By Deleting Stolen Files

Australia’s Minister for Home Affairs has announced the “Australian Government’s Ransomware Action Plan,” which is a set of new measures the country will adopt in an attempt to tackle the rising threat.

Ransomware is a global problem, and Australian businesses aren’t excluded from costly service-disrupting attacks. In July, the government warned of an escalation of LockBit activity in the country.

According to a report from the Office of the Australian Information Commissioner (OAIC), in the first half of 2021, data breaches resulting from ransomware attacks grew by 24% compared to H2 2020.

To address the risk, the Australian government has approved a massive investment of AU $1.67 billion (USD $1.23 billion) over ten years through Australia’s Cyber Security Strategy 2020, with the ransomware plan a part of the initiative.

Also Read: Top 8 Main PDPA Obligations To Boost And Secure Your Business

The highlights of the new Ransomware Action Plan include the following:

  • The formation of a multi-agency taskforce named ‘Operation Orcus,’ led by the AFP (Australian Federal Police).
  • The introduction of a mandatory ransomware incident reporting clause for all victimized entities.
  • The establishment of awareness raising programs for businesses of all sizes.
  • The introduction of harsher punishments for cyber extortionists and ransomware actors based in the country.
  • Be more active in calling out states that facilitate ransomware attacks, or provide safe havens to cybercriminals.
  • Actively track and intercept cryptocurrency transactions that have confirmed links to ransomware operations or other cybercrimes.

The plan is backed by an investment of AU $164.9 ($121.2 million), with roughly half of it going to the employment of an additional 100 AFP agents. The new task force will undertake the role of identifying, investigating, and targeting cyber criminals.

Disrupting double-extortion schemes

To further strengthen the ability to conduct investigations and disrupt ransomware attacks, the government is looking to establish new powers through the Surveillance Legislation Amendment Act 2021.

Under this new legislation, the Australian Federal Police (AFP) and Australian Criminal Intelligence Commission (ACIC) will have the power to delete or remove data linked to suspected criminal activity, permitting access to devices and networks and even allowing the take over of online accounts for investigation purposes.

These new powers will allow law enforcement to delete data stolen during ransomware attacks and stored on servers operated by the attackers for use in double-extortion schemes. By deleting the data, law enforcement hopes to prevent potential data breaches if a victim does not pay the ransom.

“to establish procedures for certain law enforcement officers of the Australian Federal Police or the Australian Crime Commission to obtain warrants and emergency authorisations that:

(i) authorise the disruption of data held in computers; and

(ii) are likely to substantially assist in frustrating the commission of relevant offences; and” – Surveillance Legislation Amendment Act 2021.

In terms of supporting the victims, the plan also includes AU $6.1 million ($4.5 million) that will go into helping businesses recover from catastrophic cyberattacks and train small and medium-sized companies on how to improve their cybersecurity stance.

Also Read: 5 Tips In Using Assessment Tools To A Successful Businesses

The announcement of the new ransomware action plan in Australia is in line with what international allies are doing to tackle the problem, with only Russia and China left out of talks.

Not only are the efforts of these two countries to fight cybercrime not convincing, but they have also been repeatedly and openly accused of supporting some of the most damaging attacks of this kind.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us