Australia Ramping Up Its Ransomware Attack Reporting
Table of Contents
- By Dawna M. Roberts
- Published: Oct 25, 2021
- Last Updated: Mar 18, 2022
Australia’s government is taking a hard line against ransomware attacks. New laws demand that businesses report ransomware attacks to the government and include assistance for victims and harsher criminal penalties for hackers.
What Happened in Australia?
The Australian government released a 16-page Ransomware Action Plan because of the rampant ransomware attacks on schools, hospitals, and corporations within the country. However, parliament needs to approve the plan before it is put into place, and since there are only four sitting weeks left, it could delay the new law. Additionally, a federal election must be held by May 2022 before the government can implement the action plan.
Data Breach Today warns that,
“Labor member of Parliament Tim Watts has been calling for a national ransomware strategy since February. In a joint statement with Labor Sen. Kristina Keneally, Watts says it’s good the government has acted, but it should have taken action sooner (see Australia Considers Mandating Ransom Payment Reporting ).”
Watts continued his rant, stating that the government “failed to act for months despite an onslaught of attacks against Australian organizations this year including multiple health and hospital networks, the Nine Network, and JBS Meats, our biggest meat supplier.”
The State of Ransomware in Australia
Ransomware has become a major issue for many Australian companies. Data leaked by hackers has forced organizations to publicly admit to attacks and explain why business operations have halted. However, outside the country, it is not as clear to onlookers what companies have been hit or how hard.
The new law requires businesses with annual revenues of 10 million (Australian) $7.3 million (USD) or more to report the ransomware incident to the government.
According to Home Affairs Minister Karen Andrews, the intent of the new requirement is so that the government can “better support” victims and understand how serious the threat is to work towards a more efficient system of protection.
Don’t Pay the Ransom
Although it is not a crime, the Australian government does not condone paying any ransom to the attackers. The outline for the new action plan says,
“Paying the ransom is critical to the ransomware perpetrators’ business model and will make Australia a more attractive target for criminals. Paying a ransom does not guarantee a successful outcome - encrypted systems may not be restored, sensitive data may be released or sold to other perpetrators, and victims may be targeted multiple times.”
Unfortunately, critics claim that in some cases paying the ransom may be the only option for mitigation and release of the company’s critical data.
Harsher Criminal Penalties
Another facet of the ransomware action plan is to impose much stricter penalties on anyone who plans, participates, and executes a ransomware attack. Alongside harsher penalties, the plan calls for aggressive measures for securing Australia’s infrastructure and government agencies.
Data Breach Today adds,
“Another prong of the plan would ensure that Australian law enforcement can “track, seize or freeze ransomware gang’s proceeds of crime.” The use of cryptocurrencies such as bitcoin and monero have helped fuel the success of ransomware schemes.”
Although cryptocurrency can be difficult to trace, it’s not impossible. Companies such as Chainalysis have assisted the IRS in tracking down criminals using crypto when converting it to cash.
Local law enforcement will also be working on the problem from their angle. The country is also forming a multi-agency task force devoted to ransomware investigations. The new task force is called Operation Orca and will be headed up by the Australian Federal Police.
Secret government operatives will also get tossed into the game to try and disrupt ransomware operations from the inside.
The final piece of the puzzle is developing better plans for protection and securing against future attacks.