Ransomware payment and cyber extortion payment reporting

Under section 27 of the Cyber Security Act 2024, a reporting business entity has an obligation to use this form to report to the Government if you have made or are aware another entity has made on your behalf, a ransomware or cyber extortion payment within 72 hours.
For more assistance on how to use this form, see How to make a report: Ransomware payment reporting | HomeAffairs.gov.au.

Which best describes your organisation?

An entity carrying on business in Australia with an annual turnover for the previous financial year that is equal to or exceeds $3 million

A responsible entity for a critical infrastructure asset to which Part 2B of the Security of Critical Infrastructure Act 2018 applies

A third-party or other entity that is submitting a report on behalf of the reporting business entity

Your organisation details

First name

Last name

Email address

Verify email address

Organisation name

Contact number

Organisation address

State/Territory or Overseas

Postcode

Country

ABN

Why is an ABN not applicable?

Not applicable

Website address

Critical Infrastructure Sector

Critical Infrastructure Asset

Entity you are reporting on behalf of

Organisation name

Email address

Verify email address

Organisation address

State/Territory or Overseas

Postcode

Country

ABN

Why is an ABN not applicable?

Not applicable

Website address

Cyber security incident details

You are only required to disclose information you know, or by reasonable search or enquiry, are able to find out.

The date the incident occurred or is estimated to have occurred

The date when your entity became aware of the incident

Has this cyber security incident impacted your infrastructure?

Yes

Please outline the impact on your infrastructure

Has this cyber security incident impacted your customers?

Yes

Please outline the impact on your customers

What variants (if any) of ransomware or other malware was used?

Unknown

What vulnerabilities (if any) were exploited in your entity’s systems?

Unknown

Demand information

Type of payment demanded

Monetary

Non-monetary

Amount of payment demanded

Description of any non-monetary demands

Method of payment demanded

Payment information

Type of payment provided

Monetary

Non-monetary

Amount of payment provided

Description of any non-monetary payment provided

Method of payment provided

Extorting entity information

Have you communicated with the extorting entity regarding the cyber security incident, the demand or payment?

Yes

Please outline the date and timing of these communications

Provide a brief description of these communications

Describe any pre-payment negotiations undertaken in relation to the demand or payment

Additional information

Please provide any further information that may assist the Commonwealth in the response to, mitigation or resolution of the cyber security incident.

What are you looking for?

About us

Learn the basics

Protect yourself

Threats

Report and recover

Resources for business and government