Ransomware-Payment Report Template for Engineering & Design Firms

From 30 May 2025, entities with AU$3m+ annual turnover or responsible for critical infrastructure must lodge a report to ASD within 72 hours of paying (or learning of) a ransom or other benefit.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Need immediate assistance?

Speak with our Cybersecurity Experts today

1300 93 77 49

What The Ransomware Payment Report Asks For From Businesses

Designed for fast, accurate lodgement with step-by-step fields and final checklist to confirm completeness.

Entity
Identifiers

Businesses are required to provide the following: Legal name, ABN, registered address and primary contact details

Incident Timeline & Impact

Time of insident, systems and data affected, customer impact, known malware/variant, initial entry point or vulnerability (if known)

Extortion
Demand

What was requested, by whom (if known), channel used, and any payment destination details provided

Payment or Benefit Provided

Amount or value, method (e.g. cryptocurrency, transfer, service), date/time, and any transaction reference or hash

Communications
Log

Timestamps and concise summaries of messages or negotiations with the extorting party or intermediaries

Submission
Checklist

A final pass to confirm completeness and note any “not known at time of submission” items

Entity
Identifiers

Businesses are required to provide the following: Legal name, ABN, registered address and primary contact details

Incident Timeline & Impact

Time of incident, systems and data affected, customer impact, known malware/variant, initial entry point or vulnerability

Extortion
Demand

What was requested, by whom (if known), channel used, and any payment destination details provided

Payment or Benefit Provided

Amount or value, method (e.g. cryptocurrency, transfer, service), date/time, and any transaction reference or hash

Communications
Log

Timestamps and concise summaries of messages or negotiations with the extorting party or intermediaries

Submission
Checklist

A final pass to confirm completeness and note any “not known at time of submission” items

Get a clear, compliant template to report any ransomware or cyber-extortion payment within 72 hours—designed for Engineering & Design Firms, and aligned to the Cyber Security Act 2024.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Explore DefenderSuite Plans

Essential threat protection and baseline compliance for growing businesses needing reliable protection without complex management or high costs.

Advanced threat protection, email protection, and Level 1 Essential Eight alignment for businesses handling sensitive data and stricter requirements.

Comprehensive threat protection, privileged access controls, and Level 2 Essential Eight maturity for businesses at higher risk of targeted attacks.

Enterprise-grade threat protection, insider risk management, and Essential Eight Level 3 for businesses with complex, regulated environments.

Let’s Talk About Your Business’s Cybersecurity

Compliance, data protection, or selecting the right plan — whatever your priority, our team will help you take the next step.

Thank you

Thanks for reaching out. We will get back to you soon.
Oops! Something went wrong while submitting the form.

Need immediate assistance?

Speak with our Cybersecurity Experts today.

Phone
+ 61 1300 93 77 49

Contact us by email

You’ll receive a reply within 1 business day.

Email
info@defendersuite.com

From Risk to
Resilience