Australia and 38 countries including the US and Britain have agreed new guidance to support organisations hit by ransomware attacks and strengthen cyber resilience.

The Counter Ransom Initiative, a global cyber bloc, has produced the guidance with support from the Insurance Council of Australia and other peak bodies such as the Association of British Insurers and American Property Casualty Insurance Association.

“The new guidance will ultimately help undermine the business model of ransomware criminals and take away the incentive to target other organisations elsewhere, preventing future attacks and boosting global resilience,” the UK Home Office says.

It adds the guidance will encourage organisations to carefully consider their options instead of rushing to make payments to cybercriminals.

“It makes clear that paying a ransom will often only embolden these criminals to target other victims, and there is no guarantee of data retrieval, malware removal or the end of a ransomware attack.”

The guidance says cyber insurance can be an important risk management practice and Counter Ransom Initiative members recognise the role the cover can play in building resilience, including helping insureds improve protective measures.

“[Initiative] members and insurance industry bodies will collaborate to deepen the important role the commercial cyber insurance industry plays to strengthen and support organisations’ resilience against ransomware,” the guidance says.

Meanwhile, Australia has imposed financial sanctions and travel bans on three Russian citizens for their involvement in the Evil Corp cybercrime group.

The penalties on Maksim Viktorovich Yakubets, Igor Olegovich Turashev and Aleksandr Viktorovich Ryzhenkov, who hold senior roles in Evil Corp, are part of a co-ordinated effort with Britain and the US. The sanctions make it a criminal offence to provide assets to the trio, or to use or deal with their assets. They are also banned from entering Australia.

“We have been very clear – under our government, Australia is hardening its defences and ensuring there are consequences for people who target our citizens and businesses,” Cyber Security Minister Tony Burke said.

“These sanctions are another example of our commitment to working with our international partners to shut down the criminal organisations that have built a business model on ransomware.”

Click here for the Counter Ransom Initiative guidance.