After a string of successful ransomware attacks against high-profile targets in Australia, the country has decided to go on the offensive against threat actors.
A press release published on the Australian Government’s website announced a “Joint standing operation” combining the resources of the Australian Federal Police and the Australian Signals Directorate, an analog to the National Security Agency (NSA) in the US.
Its mission will be to “investigate, target, and disrupt cyber-criminal syndicates with a priority on ransomware threat groups”.
On the offensive
Speaking to local media, Minister for Home Affairs and Cyber Security Clare O'Neil said the operation will "scour the world, hunt down the criminal syndicates and gangs who are targeting Australia in cyber-attacks, and disrupt their efforts."
"This is not a model of policing, where we wait for a crime to be committed and then try to understand who it is and do something to the people who are responsible. We are offensively going to find these people hunt them down and debilitate them before they can attack our country."
The problem with such an operation, O’Neil said, is that these groups are almost always located in other countries and other jurisdictions and that sometimes, that country’s government supports their action. That’s why the goal will most likely be to try and disrupt their operations as much as possible.
"It weakens these groups if governments like ours collaborate with the FBI and other police forces and intelligence agencies around the world. The second important thing that we need to do is stand up and say that Australia is not going to be a soft target to this sort of thing. And if people come after our citizens, we are going to go after them.”
Businesses in Australia have suffered a couple of major ransomware attacks in recent times. Last year’s attack against meat producers JBS resulted in the company "standing down" some 7000 Australian employees.
More recently, local health insurer Medibank and telecommunications giant Optus have both suffered major ransomware attacks involving data theft.
The Medibank incident is still ongoing, as the threat actors are still releasing stolen data to the wild. The company has publicly stated that it won't pay any ransom demand to stop the leaks.
- Check out the best endpoint protection services out there
Via: The Register
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.