As ransomware attacks continue to wreak havoc globally, Australia has come up with a plan to combat the crime. Dubbed the Ransomware Action Plan, it sets out a comprehensive government strategy to target criminals behind the vice, including through new criminal charges and allowing authorities to seize digital currencies linked with ransomware payments.
The plan comes at a time when Australia has seen a steady rise in ransomware attacks. In the past year, Australian businesses and public agencies saw a 60% spike in ransomware attacks, costing the economy AUD 1.4 billion (US$1.04 billion).
According to the Australian Cyber Security Centre, a quarter of these attacks targeted critical infrastructure in the healthcare and energy sectors. In a report last month, the centre revealed that in the 2020-21 financial year, it received 67,500 reports of cybercrime, or one every eight minutes.
The Australian government is seeking to stamp out this growing crime with its latest plan, targeting not just the criminals but the financial channels they exploit to receive the funds.
“We need to ensure that Australia remains an unattractive target for criminals and a hostile place for them to operate,” Karen Andrews, the Minister for Home Affairs, stated while introducing the 12-page plan.
Following the money
Ransomware attacks have burgeoned in recent years, with a business being attacked every 11 seconds globally. Over $20 billion is expected to be paid in ransomware in 2021, according to a report from Cybersecurity Ventures. Digital currencies have become increasingly intertwined with this crime, with some regulators claiming that they have spurred its growth.
Australian regulators are among those convinced that cracking down on digital currency ransom payments would go a long way in curbing the crime. In the new ransomware action plan, the government has allowed the seizure of digital currencies used in ransomware payments, as well as the freezing of accounts related to such payments.
“…the Morrison government is taking action to disrupt, pursue and prosecute cyber criminals. Our tough new laws will target this online criminality and hit cybercrooks where it hurts most – their bank balances,” Minister Andrews commented.
The new plan also introduces a new stand-alone offense for cybercriminals who engage in extortion, one for those who target critical infrastructure and another for those who deal with stolen data. It also makes it illegal to sell or buy malware over the Internet.
Australian companies that have a turnover exceeding $10 million a year must also report any cases of ransomware every year or face legal implications. This requirement comes at a time when the Australian Signals Directorate revealed that some large companies which had been targeted by ransomware attacks had refused to cooperate with government agencies and withheld details about the attacks.
The government didn’t outline what the penalties will be for companies that fail to report such attacks. However, according to the Minister, the authorities want to prioritize education over sanctions.
The new ransomware incident reporting regime will “enhance our understanding of the threat and enable better support to victims of ransomware attacks. It will be designed to benefit, not burden small businesses,” the minister commented.
Industry experts believe that promoting reporting of all ransomware attacks will go a long way in deterring future attacks.
“We need more visibility and transparency to encourage more conversations about the impact and ferocity of ransomware attacks or near misses,” Jacqueline Jayne, a security awareness advocate at KnowBe4, observed.
She added, “The increase in discussion would bring with it an opportunity to educate all Australians about cyber security risks, and reporting can be used as a tool to share and to learn from these incidents.”
In 2021, a number of high-profile companies have been victims of ransomware attacks in Australia. They include Nine Entertainment, whose attack in March left the company struggling to televise news bulletins or print newspapers. An attack on global meat behemoth JBS Foods led to the shutdown of 47 facilities in Australia.
And while criminals continue to favor digital currency ransomware payments, the CEO of blockchain analytics firm Chainalysis believes that this is their biggest mistake.
“As paradoxical as it seems, it can actually be beneficial to investigators when bad actors choose to use cryptocurrency when committing crimes,” he commented recently, noting that blockchain technology’s public and immutable ledger allows law enforcement to track illicit payments.