Take over servers and accounts ransomware gangs use, and delete the stolen data to thwart double-extortion attacks is Australia’s answer to growing cyberthreat

Ransomware Australia Task Force Action Plan
Tougher stance on Ransomware gangs. Pic credit: Keith Cooper/Flickr

Ransomware gangs could lose access to their accounts and the servers they use to launch their attacks. Law enforcement officials could also have the authority to delete files the ransomware operators are holding, to dissuade double-extortion cyberthreats.

Countries across the world are trying multiple techniques to fight the growing menace of ransomware attacks. Upgrading infrastructure and raising awareness remains the top priority. But some governments seem to be taking stricter measures that are akin to “We don’t negotiate with terrorists”.

Australia formulates new laws to tackle ransomware gangs and sophisticated attacks on businesses and government agencies:

Australia’s Minister for Home Affairs has announced the “Australian Government’s Ransomware Action Plan”. The plan consists of new measures the country will adopt to combat the growing threat of ransomware.

At the forefront of the action plan is the allotment of AU $1.67 billion (USD $1.23 billion) over ten years. The funds will flow through Australia’s Cyber Security Strategy 2020, of which, tackling ransomware, is a part.

The action plan has already received an infusion of AU $164.9 ($121.2 million). Half of the funds will go towards the employment of additional AFP (Australian Federal Police) agents. The new task force will identify, investigate, and actively engage in targeting cyber criminals.

The highlights of the new Ransomware Action Plan include the following:

  • The formation of a multi-agency taskforce named ‘Operation Orcus,’ led by the AFP (Australian Federal Police).
  • The introduction of a mandatory ransomware incident reporting clause for all victimized entities.
  • The establishment of awareness-raising programs for businesses of all sizes.
  • The introduction of harsher punishments for cyber extortionists and ransomware actors based in the country.
  • Be more active in calling out states that facilitate ransomware attacks, or provide safe havens to cybercriminals.
  • Actively track and intercept cryptocurrency transactions that have confirmed links to ransomware operations or other cybercrimes.

Australian authorities tackling the ransomware cyber threat and cybercriminals could seize accounts and servers as well as delete stolen data:

To effectively conduct investigations and actively disrupt ransomware attacks, the Australian government is trying to give new and powerful rights to the relevant law enforcement departments. Through the Surveillance Legislation Amendment Act 2021, Australia hopes to empower its cybercrimes divisions such as Australian Federal Police (AFP) and the Australian Criminal Intelligence Commission (ACIC).

These agencies could “delete or remove data linked to suspected criminal activity, permitting access to devices and networks and even allowing the takeover of online accounts for investigation purposes”.

Essentially, law enforcement agencies dealing with ransomware gangs could delete data stolen that the cybercriminals stole. The agencies could also seize the servers the attackers used. Such actions would strongly dissuade “double-extortion” schemes.

Australia is also setting aside AU $6.1 million ($4.5 million) to help businesses that have suffered from a ransomware attack. The Aussie government will also train SMEs and guide them on how to bolster their cybersecurity.

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x