Ransomware Action Plan

Minister’s foreword

The Australian Government’s cyber security vision is to create a more secure online world for Australians, their businesses and essential services. However, Australia faces a rapidly evolving strategic environment, punctuated by increasing malicious cyber activity conducted by transnational, serious and organised crime groups and individuals. This Ransomware Action Plan sets out the Government’s immediate strategic approach to tackle the threat posed by ransomware, and builds on the overarching cyber security architecture instigated in the 2016 and 2020 Cyber Security Strategies, and is designed around the framework of the National Strategy to Fight Transnational, Serious and Organised Crime.

We are continuing to observe cybercriminals successfully use ransomware to disrupt services and steal from Australians. Whether it is conducting attacks on critical infrastructure, taking from small businesses or targeting the most vulnerable members of our community, cybercriminals use ransomware to do Australians real and long-lasting harm. In response, the Australian Government is taking concrete action to protect Australians, including working with our international and business partners to combat this global threat.

Criminals are carrying out attacks simultaneously to exploit or steal from as many victims as possible. Over the past 12 months, Australia has faced a 15% increase in ransomware attacks reported to the Australian Cyber Security Centre. During a time where we are focused on growing Australia’s future as a modern and leading digital economy, safety, security and trust in the cyber-enabled systems we all rely on has never been of greater importance.

The Ransomware Action Plan takes a decisive stance – the Australian Government does not condone ransom payments being made to cybercriminals. Any ransom payment, small or large, fuels the ransomware business model, putting other Australians at risk. Paying ransoms does not guarantee access to locked systems or sensitive data, and may open the victim up to repeat attacks. We need to ensure that Australia remains an unattractive target for criminals and a hostile place for them to operate.

Recognising that there are several cyber and ransomware initiatives already in place, the ever changing nature of this threat means Australia needs to remain agile and prepared to quickly stand up differing approaches over time. This approach will ensure that Australia can maintain a consistent and mature security posture to meet security objectives well into the future.

Put simply – Australia takes a zero tolerance approach to ransomware.