Australia’s new law allows regulators to seize and freeze crypto

The measures take a decisive stance against ransomware payments: Minister of Home Affairs

After a surge in cyberattacks on critical Australian infrastructure including prominent businesses and state agencies last year, the country has decided to introduce stricter penalties for cybercriminals in what is being dubbed as the 'Ransomware Action Plan’.

These new sets of measures seek to criminalise the sale of stolen data and the purchase of malware with the intention to commit computer crimes, discourage victims from paying a ransom for cyber-attacks and deter international cybercriminals from targeting Australian institutions by controlling the flow of funds into the world of ransomware.

"The Ransomware Action Plan takes a decisive stance — the Australian Government does not condone ransom payments being made to cybercriminals,” Minister for Home Affairs Karen Andrews said.

“Any ransom payment, small or large, fuels the ransomware business model, putting other Australians at risk," she added.

Operation Orcus, a multi-agency task force that is credited with offering recommendations that led to the action plan, was set up by the Australian government earlier this year to tackle the increasing number of ransomware attacks.

Australian businesses and institutions including Uniting Care Queensland, brewing company Lion, Nine Entertainment and the NSW Labor Party were attacked last year by the deployment of malware such as REvil or DarkSide from mostly Russian cybercriminals. They encrypted or stole sensitive information during these attacks and then demanded a ransom in cryptocurrencies.  

As part of these measures, the Ransomware Action Plan gives authorities the power to seize or freeze crypto transactions that are linked with cybercrime, irrespective of the country of origin. 

The plan also aims to work with the government to modernise the current legislation in order to equip authorities with the tools to track and recover funds stolen by cybercriminals.  

These measures are being developed, though the Security Legislation Amendment (Critical Infrastructure) Bill 2020 is already under consideration by the Australian parliament. The Security Legislation Amendment attempts to increase the ability of the government to undertake action against cybercriminals and mandates the reporting of ransomware attacks by victims.