After a series of successful ransomware attacks against known targets in Australia, the country has decided to go on the offensive against cybercriminals.
Press release published (opens in a new tab) on the Australian Government website announced a “Joint Permanent Operation” combining the resources of the Australian Federal Police and the Australian Signals Directorate, analogous to the National Security Agency (NSA) in the US.
Its mission will be “to investigate, attack and disrupt cybercrime syndicates with a focus on ransomware threat groups.”
On the offensive
Speaking to local media, Home Secretary and Cyber Security Clare O’Neil said the operation would “search the world, track down crime syndicates and gangs that target Australia in cyberattacks and disrupt their efforts.”
“This is not a police model where we wait for a crime to be committed and then try to figure out who it is and do something to the people who are responsible for it. We’re going to offensively find these people to hunt them down and weaken them. before they attack our country.”
The problem with such an operation, O’Neil said, is that these groups are almost always located in other countries and other jurisdictions, and that sometimes the government of that country supports their activities. Therefore, the goal will most likely be to try to disrupt their activities as much as possible.
“It weakens these groups if governments like ours work with the FBI and other police forces and intelligence agencies around the world. The second big thing we have to do is stand up and say Australia is not going to be a soft target for something like that. And if people come for our citizens, we will go for them.
In recent times, companies in Australia have been the victims of several major ransomware attacks. Last year’s attack on JBS meat producers caused the company to “give up” around 7,000 Australian workers.
Recently, local health insurer Medibank and telecommunications giant Optus were the victims of major ransomware attacks involving data theft.
The Medibank incident continues as cybercriminals continue to share stolen data. The company has publicly stated that it will not pay any ransom to stop the leaks.
By: Register (opens in a new tab)