New Australian ransomware plan allows for seizure of crypto
Australian lawmakers are taking a tougher stance against ransomware with a new plan that increases penalties for offenders.
The new measures and proposed Surveillance Legislation Amendment announced by the federal government on Oct. 13 come after a 60% surge in cyberattacks on Australian businesses and state agencies last year. According to reports, these incursions cost the economy $AU1.4 billion (around $US1 billion).
The Ransomware Action Plan would give authorities the power to seize or freeze financial transactions in cryptocurrencies that are associated with cybercrime regardless of the country of origin.
The government aims to modernize current legislation to make it easier for authorities to try and recover crypto funds stolen by cybercriminals.
Home Affairs Minister Karen Andrews said that the new measures were designed to deter the targeting of Australian businesses by international hackers. “Our tough new laws will target this online criminality, and hit cybercrooks where it hurts most — their bank balances,” she added.
Dealing with stolen data and buying and selling malware used in ransomware attacks will also be criminalized.
A multi-agency task force called Operation Orcus was set up in July to tackle ransomware attacks. Most of the attacks originated in Russia with the deployment of malware such as REvil or DarkSide which encrypts or steals data then demands a ransom in cryptocurrency.
There have been several recent ransomware attacks on Australian targets including Uniting Care Queensland, brewing company Lion, Nine Entertainment, the NSW Labor Party, Toll Holdings, and BlueScope Steel. The attack on the JBS meat processing company in May forced it to shut down its 47 sites in Australia.
Related: Don’t blame crypto for ransomware
Lawmakers in the United States are also ramping up efforts to tackle ransomware. Earlier this month anti-crypto Senator Elizabeth Warren introduced the Ransom Disclosure Act which aimed to gather data on the role of cryptocurrency in ransomware attacks.
On Oct. 6, blockchain analytics firm Chainalysis purchased cybercrime investigative firm Excygent to bolster its arsenal in the ongoing war against ransomware.