>
After a series of successful ransomware attacks against high-profile targets in Australia, the country has decided to go on the offensive against threat actors.
A press release published (opens in new tab) announced on the Australian government’s website a “joint permanent operation” combining the resources of the Australian Federal Police and the Australian Signals Directorate, an analogue of the National Security Agency (NSA) in the US.
Its mission will be to “investigate, target and disrupt cybercriminal syndicates with priority for ransomware threat groups”.
On the offensive
Home Secretary and Cybersecurity Clare O’Neil told local media that the operation “will search the world, track down the criminal syndicates and gangs targeting Australia in cyber-attacks, and disrupt their efforts.”
“This is not a police model, where we wait for a crime to be committed and then try to understand who it is and do something about the people responsible. We will see these people attacking them hunt them down and weaken them before they attack our country can attack.”
The problem with such an operation, O’Neil said, is that these groups are almost always in other countries and jurisdictions, and that country’s government sometimes supports their action. Therefore, the goal will most likely be to try to disrupt their activities as much as possible.
“It weakens these groups when governments like ours work with the FBI and other police and intelligence agencies around the world. The second important thing we need to do is stand up and say that Australia will not be a soft target for these And if people are behind our citizens come, we go after them.”
Companies in Australia have been dealing with a number of major ransomware attacks in recent times. Last year’s attack on meat producers JBS led the company to ‘resign’ some 7,000 Australian employees.
More recently, local health insurer Medibank and telecommunications giant Optus have both faced major ransomware attacks involving data theft.
The Medibank incident is still ongoing as the threat actors are still releasing stolen data into the wild. The company has publicly stated that it will not pay a ransom to stop the leaks.
Through: The register (opens in new tab)