The federal government has ordered its intelligence forces to go on the offensive against ransomware gangs, with a new cross-agency taskforce established and a near-tripling of the AFP officers focusing on the issue.
A new taskforce, dubbed Operation Orcus, has been established, spanning across agencies including the Australian Cyber Security Centre (ACSC), the Australian Federal Police (AFP), the Australian Criminal Intelligence Commission (ACIC), Austrac and state and territory police forces, the Australian reported.
As part of this new taskforce, the number of AFP staff working directly with the ACSC on cyber issues will jump from 13 to 35.
Home affairs minister Karen Andrews said that “time’s up” for ransomware gangs.
“Time’s up for the organised criminals who prey on our schools, hospitals, businesses and private citizens with this despicable technology,” Ms Andrews said.
“The Morrison government is protecting Australia’s digital economy with a new AFP-led operation against ransomware, and it has already invested $89.9 million to expand the AFP’s operational capabilities to disrupt and identify cybercrime as part of the government Cyber Security Strategy.
“This strong action should come as no surprise. I’ve said consistently that increasing cybersecurity and cracking down on cyber crime are my top priorities.”
But shadow assistant minister for cybersecurity Tim Watts said time should have been up a long time ago for ransomware groups.
“While this taskforce is a welcome step, the Morrison government has missed every opportunity to take the basic actions needed to combat ransomware. Australian businesses and workers need a government that’s on their side in the fight against ransomware,” Mr Watts told InnovationAus.
“Labor has been calling for a national ransomware strategy since February to combat the billion-dollar ransomware scourge which threatens jobs and livelihoods. The Minister now says ‘time’s up’ for ransomware crews. What on earth has the Morrison government been waiting for?
“It’s past time the Morrison government put the full force of government behind fighting ransomware and developed a national ransomware strategy.”
The new Australian taskforce announcement came just days after the US government stumped up its own cross-agency ransomware taskforce. Unlike Australia, the US has also offered up $10 million as rewards for information on ransomware threat actors.
The federal government is also considering whether to make it illegal for insurance companies to provide cover for companies looking to make a ransomware payment in order to discourage this practice.
The Coalition is looking to hand the AFP and other agencies significant further powers to access the online accounts of suspected criminals and “disrupt” their data, with this legislation currently the subject of a parliamentary inquiry.
Ransomware has been a significant issue this year, driven by a spate of high-profile attacks of Australian businesses and institutions, and by Labor zeroing in and attacking the government for a lack of action in the space.
In February the Opposition called for a national ransomware strategy, and Mr Watts last month introduced legislation which would introduce a mandatory reporting scheme for businesses looking to make a ransomware payment.
A report by the Australian Strategic Policy Institute released last week said that a “policy vacuum” has made Australia an “attractive market” for hackers, and that ransomware will only get worse unless there are strategic domestic efforts to prevent it.
In terms of ransomware this year, the government has launched a new awareness campaign, consulted with its business advisory group and has said it will work with international allies on the growing threat.
Labor has previously called on the government to “release the hounds” on ransomware groups, with Mr Watts urging its spy agencies to actively try to disrupt their operations.
It came after it was revealed that the Australian Signals Directorate did not take an offensive action against the group behind the ransomware attack on Nine, despite knowing who they were.
Mr Watts said the ASD should establish a “target list” of the top 10 ransomware groups targeting Australia and ramp up efforts to disrupt them.
The Labor legislation introducing a mandatory reporting scheme for ransomware attacks is likely to be debated in Parliament next month. Mr Watts said it “lays the foundation” for further enforcement actions against these groups, and would require businesses to notify the ACSC if they are going to make a ransomware payment in order to inform authorities and policy-making in the space.
Do you know more? Contact James Riley via Email.