Why is backup key to cybersecurity in Australia?

  • Backup should be a critical part of cybersecurity in Australia.
  • Businesses should also refrain paying ransomware.
  • 64% of Australian IT and security leaders said they would likely pay a ransom to recover their data in the wake of a cyberattack.

One of the best ways of managing and securing data is by ensuring there are sufficient backup capabilities. Organizations that have modern backup solutions are known to have better recovery options should they experience any cybersecurity incidents.

In fact, looking into the cybersecurity strategy in Australia, backup has to be a critical part of it. Businesses in Australia continue to be targeted by cybercriminals. Most of these businesses end up paying the ransom simply because they need access to their systems back, due to the lack of proper backup and recovery options.

According to data points from Rubrik Zero Labs, 64% of Australian IT and security leaders said they would likely pay a ransom to recover their data in the wake of a cyberattack. The report also stated that almost three quarters of Australian respondents (72%) reported having already paid a ransom to recover data or to stop a ransomware attack.

However, most businesses fail to realize that paying the ransom does not necessarily mean they will get access back to their data or not be targeted again. Some cybercriminals can even exploit data to launch further cyberattacks in the future after returning it to companies. Rubrik’s study showed that only 14% of Australian organizations that paid attackers for decryption tools were able to recover all their data.

Australia's Minister of Cyber Security, Claire O'Neil.

Australia’s Minister of Cyber Security, Claire O’Neil, outlines the goals of the latest cybersecurity strategy.

While there is no law to stop businesses from paying ransomware, most governments and cybersecurity vendors are strongly against it. Australia’s new strategy also does not push for a ban of paying ransoms, with the country’s Cybersecurity Minister Claire O’Neil stating that the government does not have sufficient coping mechanisms for an outright immediate ban on ransomware payments.

“So my plan for the country on ransoms is that we undertake what is the first two years of this strategy, and then we revisit where we are then and contemplate what I think is inevitable for countries around the world, and that is one day a ban on making ransomware payment. We just can’t feed cybercriminals like this,” O’Neil said on a radio interview following the launch of the strategy.

Backup is critical for cybersecurity in Australia.

Backup is critical for cybersecurity in Australia (Image generated by AI).

Backup is key to cybersecurity in Australia

Scott Magill, managing director for Rubrik in Australia and New Zealand, said that gaining greater visibility into the ransoms demanded and paid by Australian businesses seems like a step in the right direction, but in isolation, it will do little to actually protect Australian data.

“We need to ask why we’re requiring organizations to report this? If it’s to stop the flow of money to cyber criminals by implementing a punitive ‘big stick’ to fine those who pay a ransom, then it is a misguided approach. If it’s to gain greater visibility into the scale of the problem, it is only half the solution. We need to think about the outcome we’re striving to achieve and work backward to get to the solution,” said Magill.

Magill explained that ideally organizations shouldn’t be paying ransoms because they don’t need to, and that’s the outcome Australia should be aiming for. The Australian Cyber Security Centre’s (ACSC) annual threat report, released last week, showed that the second most common cyber-incident was compromised user credentials. That means that regardless of how high a digital wall is built, motivated attackers will get in. The ACSC report also found the number of cyberattacks against Australian businesses had increased 23%, with one attack reported every six minutes.

“With that in mind, I would urge the government to consider supporting organizations to adopt an ‘assumed breach mindset.’ This involves understanding attackers will eventually be successful, and preparing ahead of time to keep the most critical and sensitive data safe,” explained Magill.

Magill emphasizes the importance of backups, which he feels will be critical to this approach. Proven and fully tested, cyber-resilient backups break the entire ransomware business model, because they allow an organization to rapidly recover data themselves. This drastically minimizes the impact of an attack.

Put simply, rather than be faced with weeks or months offline as the business recovers, the entire process can happen in just minutes or hours, negating the need to pay a ransom.

“The Australian Signal’s Directorate (ASD) already has a framework in place with its regular backup mitigation strategy. One solution could be to mandate regulated industries and critical infrastructure providers to implement this strategy to the highest maturity level. This could easily be woven into current Security of Critical Infrastructure (SOCI) requirements. Further assurance could then be provided by requiring these industries to regularly show evidence of tested recovery times and procedures,” stated Magill.