The AFP is renewing calls for Australian businesses to move quickly to report ransomware attacks to law enforcement, with recent research confirming that victims who reported incidents to authorities experienced significant time and cost savings.
The AFP is urging Australian victims to report incidents of ransomware attacks as soon as possible, amid concerns some businesses and individuals are dealing with breaches without the assistance of law enforcement.
The renewed call for increased reporting to law enforcement follows the release of IBM Security's Cost of a Data Breach Report 2023*, which found organisations that did involve law enforcement in their response to cyber-attack incident saw significant time and cost savings as a result.
The report confirmed 37% of ransomware victims opted not to involve law enforcement to help contain a ransomware breach. However, those which did notify authorities experienced a much less costly ransomware breach overall. In addition, those who worked with law enforcement saw their attack incident resolved faster compared to those who did not report it.
The report estimated the average cost of a ransomware breach was about $7.6 million when authorities were not involved compared to an estimated $6.9 million when the incident was reported to law enforcement.
AFP Commander Chris Goldsmid said the AFP was equipped to combat ransomware incidents, and led the taskforce to coordinate national law enforcement effort against ransomware.
Between 1 July 2022 and 30 June 2023, the AFP-led taskforce captured and analysed 204 ransomware incidents.
"We know that ransomware attacks are unfortunately becoming more prevalent in our digital world. The AFP is urging Australians and Australian businesses to come forward and report any ransomware breaches as soon as possible," he said.
"We don't want you to go it alone. If we are alerted to an incident in its earliest moments, we have our best shot at gathering the evidence we need to identify those responsible for the attack, disrupt their activities and bring them to justice."
Commander Goldsmid said the new data was proof of the importance of reporting cybercrime incidents to law enforcement as soon as the crimes became apparent.
Early reporting has supported the AFP's Cyber Command to undertake 57 disruptions between 1 July 2022 and 30 June 2023, preventing the loss of $30 million.
"Investigating these incidents and protecting the community is our priority. This report shows involving law enforcement and enabling investigations to start immediately can cut the total time of these incidents by weeks or even months, limiting the damage caused by criminals," he said.
In late 2022, the AFP established Operation Guardian, in collaboration with Commonwealth and state and territory partner agencies in response to the growing sophistication and impact of ransomware attacks and data breaches targeting Australian businesses online.
Commander Goldsmid said the AFP, together with Commonwealth and international partners, remains committed to identifying and disrupting criminal groups behind ransomware attacks in Australia and around the globe.
"We have a crucial role in the disruption and dismantling of these dangerous ransomware groups - no matter where they are in the world," Commander Goldsmid said.
"The AFP has significant powers within its remit, including legislation that precludes the AFP from revealing when they are in use. Those powers should serve as a warning to hackers, and those who will attempt to piggyback off those criminals, that the AFP will relentlessly pursue them.
"If you believe you are a victim of cybercrime, report it to ReportCyber
