Over the past 12 months, Australia has faced a 15% increase in ransomware attacks reported to the Australian Cyber Security Centre. In this context, Australia's Minister for Home Affairs has announced a Ransomware Action Plan based on a "zero tolerance approach to ransomware", featuring new criminal offences, tougher penalties and a mandatory reporting regime designed to better protect the Australian community and economy from ransomware attacks.

The Ransomware Action Plan includes a range of legislative reforms such as:

  • new stand-alone aggravated offences for:
    • all forms of cyber extortion to ensure that cybercriminals who use ransomware face increased maximum penalties; and
    • cybercriminals targeting critical infrastructure in particular (as proposed to be regulated by the Security Legislation Amendment (Critical Infrastructure) Bill 2020), in recognition of the importance of protecting significant assets that deliver essential services to Australians;
  • measures to criminalise: 
    • the act of dealing with stolen data knowingly obtained in the course of committing a separate criminal offence - to provide increased penalties for cybercriminals who deprive a victim of their data or publicly release a victim’s data; and
    • the buying or selling of malware for the purposes of undertaking computer crimes (as this is a preliminary step taken by many perpetrators to facilitate the commission of a cyber attack); and
  • measures to prevent cybercriminals from retaining any ill-gotten gains and enable law enforcement to better track and seize or freeze cybercriminals’ financial transactions in cryptocurrency.

The release of the proposed legislative reforms under the Ransomware Action Plan also follows the establishment of a new multi-agency operation led by the Australian Federal Police which targets ransomware attacks that are linked directly to sophisticated organised crime groups operating in Australia and overseas, and shares intelligence directly with the Australian Cyber Security Centre to support its efforts to disrupt international cybercrime activities.

The Department of Home Affairs notes that Australia’s relative wealth, high levels of online connectivity and increasing delivery of services through online channels make it very attractive and profitable for transnational cybercrime syndicates to target Australians. It has also observed a particular increase in the number of larger organisations experiencing ransomware attacks over the past 24 months as part of a shift towards "big game hunting" by cybercriminals, posing increased risks for critical infrastructure providers.

In addition to outlining Australia's proposed legislative reforms to address ransomware attacks, the Ransomware Action Plan features an insightful case study in relation to ransomware attacks against the Australian health sector along with a range of tips and resources to help Australian organisations prepare for and prevent ransomware attacks.