Australia's new Ransomware Action Plan is now looking to collect data coming from compromised organizations and requiring them to report any incidents. The government has also announced a new set of different stand-alone criminal offenses for those particular individuals using ransomware under what it has reportedly labeled its own Ransomware Action Plan.
Ransomware Used in Cyber Extortion
Under the official new plan, as seen in the Ransomware Action Plan, people who are reportedly using ransomware in order to conduct cyber extortion will be given new stand-alone aggravated criminal charges. A brand new criminal offense has also been created for those that are targeting critical infrastructure with ransomware.
According to ZDnet, the new acts of dealing with stolen data that were knowingly obtained in the course of committing yet another separate criminal offense and buying or even selling malware for purposes of undertaking certain computer crimes are both considered criminalized. Minister for Home Affairs Karen Andrews gave a statement.
Ransomware Action Plan
According to Karen Andrews, the new Ransomware Action Plan is taking a decisive stance. It was noted that the Australian Government does not condone any ransom payments that are being made to cybercriminals. It was noted that any ransom payment, either small or large, would fuel the whole ransomware business model and thus put Australia at risk.
Alongside the brand new criminal offenses, the new plan is set to roll out a new mandatory ransomware incident reporting regime. This would require organizations to formally notify the government if they are experiencing any particular cyber attack. Even the largest companies aren't immune to ransomware, as Microsoft Exchange servers were just hacked by a ransomware gang in August.
Security Legislation Amendment Critical Infrastructure Bill 2020
The brand new plan will also see the current government work in order to introduce additional legislative reforms that would help potentially allow law enforcement to track, seize, or even freeze ransomware gangs' proceeds of certain crimes. The new criminal offenses as well as reporting regime is said to be regulated through the official Security Legislation Amendment (Critical Infrastructure) Bill 2020, according to the government.
The new bill is now expected to be passed soon after it gets the tick of approval coming from a joint parliamentary committee soon. The new measures were actually specifically recommended to be passed immediately by the parliamentary committee as it reportedly stated that there was compelling evidence regarding the complexity as well as the frequency of the cyber attacks on certain critical infrastructure increasing.
Committee chair Senator James Paterson noted that Australia is not immune and as of the moment. Paterson also noted that there is clear recognition from both government and industry that they need to protect the nation against the new, more sophisticated cyber threats, which are particularly against their critical infrastructure. There are certain precautions that can be taken in order to avoid getting penetrated by ransomware.
This article is owned by Tech Times
Written by Urian B.