Australian businesses face tough new reporting requirements for ransomware payments made to hackers, as federal Labor moves to close vulnerabilities in the country’s cybersecurity regime.

The government expects to introduce legislation to federal parliament within weeks that will require firms with a turnover of $3 million or more, as well as government entities, to report payments to the Australian Signals Directorate’s Australian Cyber Security Centre.