Does Cyber Insurance cover ransomware payments?

Yes, Cyber Insurance can provide cover for ransomware payments, but it is not guaranteed in every case. Each incident is assessed individually by the insurer and its claims team, based on the specific circumstances and legal or regulatory obligations.

Policies often include coverage for ransom payments as well as support services such as negotiation, forensic IT assistance, and legal advice. However, insurers can only approve a ransom payment if it is legally permitted.

There are legal restrictions on when a ransom can be paid. Payments are prohibited if they would breach sanctions law, anti-money laundering rules, or support criminal or terrorist organisations. The Corporations Act 2001 may also prevent certain payments depending on the nature of the business.

As of May 2025, some businesses must now report ransom payments under the Cyber Security Act 2024. If your business has an annual turnover of $3 million or more, or operates in a critical infrastructure sector, you must notify the Australian Signals Directorate (ASD) within 72 hours of making a payment. While enforcement is currently focused on education, penalties are expected to increase from January 2026.

If you are unsure whether your policy includes ransomware cover or whether you need to report a payment, contact us, and we can walk you through your options.