In response to recent high-profile cybercrime events, including the Optus and Medibank data breaches, the Federal Government has unveiled a new partnership between the Australian Federal Police (AFP) and the Australian Signals Directorate (ASD) to proactively tackle cyber-criminal syndicates.
The pair will form a Joint Standing Operation designed to target and disrupt criminal syndicates, with a priority focus on ransomware threat groups.
Addressing a media conference in Melbourne, Minister for Cyber Security Clare O’Neil said the new body will not only deliver a more coordinated cyber-crime response but also take on a proactive, attack-focused role to effectively “hack the hackers”.
She added that the group would consist of “the smartest and toughest people” in the country.
“This is the formalisation of a partnership, a standing body in the Australian Government, which will, day in, day out, hunt down the scumbags who are responsible for these malicious crimes against innocent people,” O’Neil said.
“I am not going to go into the specifics, but this term ‘disruption’ is what we’re here to talk about and this Joint Standing Operation is not simply responding to crime. They will be hunting these gangs wherever they are around the world and disrupting their activities. We are going to hack the hackers.”
The Minister said that the new partnership would also formalise and intensify cooperation between the two key cyber enforcement agencies, the AFP and the ASD, and send a message to cyber-criminals who would seek to do Australians harm.
Around 100 officers from across both the AFP and ASD are set to join the new Operation on a permanent basis. The Government said the new group would also complement and build upon work it currently conducts with its international partners and allies, including the collection of intelligence as well as the identification of ring-leaders, networks and infrastructure intended to disrupt and stop cyber-criminal operations.
“The recent Optus and Medibank data breaches have shown the extent of the damage that can be done by malicious actors. This new joint campaign will ensure the full powers of the AFP and ASD are brought to bear to stop such incidents before they start,” the Minister said in an official statement.
The Government also announced that from early next year Australia would host a virtual international counter-ransomware taskforce as part of the global Counter-Ransomware Initiative – one that fully appreciates ransomware as a transnational threat that requires coordinated international action to combat.
This new international counter-ransomware taskforce will be hosted by the Department of Home Affairs Cyber and Critical Technology Coordination Centre.
Additionally, the Government, during the next parliamentary sitting fortnight, will move to pass tough new privacy laws that will increase penalties for data breaches to a maximum of $50 million (up from just $2.22 million) or 30 per cent of a company’s adjusted turnover in the relevant period. The move, it said, would provide a strong incentive for companies and large organisations to do better to protect the data of their customers and prevent future breaches.
The Minister said the bill would not only “vastly increase the maximum penalty that companies face for serious data breaches” but also “provide the Australian Information Commissioner with greater powers to resolve those breaches”.
“I call on all parties to support this bill when it comes before the Senate and have it passed without delay so that we can treat this serious problem with the urgency that it deserves,” O’Neil told the media conference.