New Australian ransomware plan could freeze or seize cryptocurrencies

Australian authorities are laying the groundwork to seize or freeze cryptocurrencies linked to cybercrimes regardless from where the attacks originated, according to a new Ransomware Action Plan released by the Australian government.

The 12-page document aims to set out a comprehensive government strategy to target cyber criminals. Among other things, the plan proposes new criminal charges against adversaries who target critical infrastructure with ransomware and suggests new criminal statutes for those who knowingly buy or sell stolen data or malware. 

“We need to ensure that Australia remains an unattractive target for criminals and a hostile place for them to operate,” the Minister for Home Affairs, Karen Andrews, wrote in a forward to the plan. “The ever changing nature of this threat means Australia needs to remain agile and prepared to quickly stand up differing approaches over time.”

The action plan was released on the fringes of a two-day virtual summit convened by the White House that brings together 30 countries in order to work on how better to combat malicious cyber activity, and particularly how to stem the widespread use of virtual currencies to launder ransomware payments.

Michael Pezzulo, secretary of Australia’s Department of Home Affairs, took part in the summit and said the action plan unveiled Wednesday was aimed at giving law enforcement “the most sensitive legal authorities possible” to hunt for adversaries in cyberspace. He said Australia is looking for new ways to work with the private sector to protect key networks. 

Among the initiatives in the plan:

• modernizing legislation to allow law enforcement to track, seize, and freeze ill-gotten gains
• the introduction of legislation that requires ransomware incident reporting
• introducing new criminal statutes aimed at all forms of cyber extortion and in particular focuses on those who target critical infrastructure with ransomware
• establishing a taskforce within the Australian Federal Police to focus on ransomware
• providing advice and counsel to businesses on ransomware payments (officials discourage businesses from paying them)
• joining in international operations to disrupt ransomware actors
• actively calling out those who support, facilitate or provide safe havens to cybercriminals

It is estimated that there is a ransomware attack on some business somewhere in the world every 11 seconds. Global losses from ransomware attacks, the action plan said, citing research from Cybersecurity Ventures, are projected to be some $20 billion by the end of this year. Over the past 12 months, Australia has faced a 15 percent increase in these kinds of attacks, according to the Australian Cyber Security Center.