After several successful ransomware attacks on high-profile targets in Australia this country decided to take the offensive against threats actors.
A press release was published (opens in new tab on the Australian Government’s site) and announced a “Joint Standing Operation” that combined the resources of the Australian Federal Police with the Australian Signals Directorate. This is an analogous to the National Security Agency in the USA.
It will “investigate and target cyber-criminal syndicates with an emphasis on ransomware threat group groups” as its mission.
Clare O’Neil, Minister for Cyber Security and Home Affairs, spoke to local media and stated that the operation would “scour the globe, hunt down criminal syndicates and bands who are targeting Australia with cyber-attacks, disrupt their efforts.”
This is not the model of police, which waits for a crime to occur and then tries to figure out who it is before doing anything to the perpetrators. These people will be hunted down and crippled before they can attack the country.
O’Neil stated that the problem with such an operation is that they are almost always found in other countries or jurisdictions, and sometimes that country’s government supports them. This is why we will likely try to disrupt their operations as much possible.
It weakens these groups when governments like ours work with the FBI, other intelligence agencies and police forces around the globe. We must also stand up and declare that Australia will not be a soft target for this kind of thing. We will pursue those who seek to take advantage of our citizens.
Recent ransomware attacks have caused major disruptions to Australian businesses. The attack on JBS meat producers last year resulted in some 7000 Australian employees being “stopped down”.
Recent ransomware attacks that involved data theft have been suffered by Optus and Medibank, both local health insurers.
The Medibank breach is ongoing as threat actors continue to release stolen data to the wild. The company stated publicly that it will not pay ransom to stop the leaks.