Australia plots harsher penalties for hackers involved in ransomware attacks
The country has published its ransomware action plan as it tries to tackle the growing threat


The Australian government is set to introduce new criminal offences for cyber criminals involved in ransomware attacks as the country unveils its plan for dealing with the growing threat.
The country’s new Ransomware Action Plan sets out the government’s immediate strategic approach to tackle the threat posed by ransomware, building on the cyber security architecture implemented in the 2016 and 2020 Cyber Security Strategies.
The plan details that in the future, the government is looking at introducing legislative reforms to ensure cyber criminals are held to account for their actions, and harsher penalties apply to those who engage in ransomware or target the country’s critical infrastructure.
As part of the plan, the government wants to make it easier to tackle cryptocurrency transactions associated with the proceeds of ransomware crimes and bring in legislative changes so law enforcement can investigate and seize ransomware payments.
The plan also underlines the need for new laws to mandate ransomware incident reporting to the government and adds that it does not condone ransom payments being made to hackers. The report says this fuels the ransomware business model, putting other Australians at risk.
The government is also looking to use a new piece of legislation, the Surveillance Legislation Amendment (Identify and Disrupt) Act 2021, to give powers to Australian law enforcement to identify individuals and their networks engaging in serious criminal activity on the dark web through data disruption and account takeover powers.
“We are continuing to observe cybercriminals successfully use ransomware to disrupt services and steal from Australians,” said Karen Andrews, the minister for Home Affairs.
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
“Whether it is conducting attacks on critical infrastructure, taking from small businesses or targeting the most vulnerable members of our community, cybercriminals use ransomware to do Australians real and long-lasting harm. In response, the Australian Government is taking concrete action to protect Australians, including working with our international and business partners to combat this global threat.”
In June, Labour Shadow Assistant minister for Cyber Security Tim Watts introduced the Ransomware Payments Bill 2020, which would require organisations to disclose to the Australian Cyber Security Centre when they make ransomware payments. In a tweet, Watts said that it’s unlikely that any of the government’s Ransomware Action Plan will be legislated before Australia’s next election.
Zach Marzouk is a former ITPro, CloudPro, and ChannelPro staff writer, covering topics like security, privacy, worker rights, and startups, primarily in the Asia Pacific and the US regions. Zach joined ITPro in 2017 where he was introduced to the world of B2B technology as a junior staff writer, before he returned to Argentina in 2018, working in communications and as a copywriter. In 2021, he made his way back to ITPro as a staff writer during the pandemic, before joining the world of freelance in 2022.
-
Palo Alto Networks snaps up CyberArk in identity security push
News The acquisition marks the latest in a string for Palo Alto Networks
-
Stack Overflow CEO Prashanth Chandrasekar on embracing AI
Q&A The chief executive at the well-known developer resource Stack Overflow talks future strategy and how AI has forced the company to shift its focus
-
The Scattered Spider ransomware group is infiltrating Slack and Microsoft Teams to target vulnerable employees
News The group is using new ransomware variants and new social engineering techniques - including sneaking into corporate teleconferences
-
Hackers breached a 158 year old company by guessing an employee password – experts say it’s a ‘pertinent reminder’ of the devastating impact of cyber crime
News A Panorama documentary exposed hackers' techniques and talked to the teams trying to tackle them
-
The ransomware boom shows no signs of letting up – and these groups are causing the most chaos
News Thousands of ransomware cases have already been posted on the dark web this year
-
Everything we know about the Ingram Micro cyber attack so far
News A cyber attack on Ingram Micro severely disrupted operations and has been claimed by the SafePay ransomware group.
-
A prolific ransomware group says it’s shutting down and giving out free decryption keys to victims – but cyber experts warn it's not exactly a 'gesture of goodwill'
News The Hunters International ransomware group is rebranding and switching tactics
-
Swiss government data published following supply chain attack – here’s what we know about the culprits
News Radix, a non-profit organization in the health promotion sector, supplies a number of federal offices, whose data has apparently been accessed.
-
Ransomware victims are getting better at haggling with hackers
News While nearly half of companies paid a ransom to get their data back last year, victims are taking an increasingly hard line with hackers to strike fair deals.
-
LockBit data dump reveals a treasure trove of intel on the notorious hacker group
News An analysis of May's SQL database dump shows how much LockBit was really making