Skip to main content

Operation Orcus: New Ransomware Taskforce

by Cameron Sinclair •
Free resource

The Australian Federal Police (AFP) will lead a new cross-agency taskforce to tackle ransomware crime.

Named ‘Operation Orcus’, AFP cyber experts will be working alongside officials from the Australian Cyber Security Centre (ACSC), the Australian Criminal Intelligence Commission, AUSTRAC, and state and territory police.

The launch of the task force was reported in the Weekend Australian with a tough talking statement from Minister for Home Affairs Karen Andrews MP: “Time’s up for the organised criminals who prey on our schools, hospitals, businesses and private citizens with this despicable technology.”

It comes a year after the ACSC declared that “ransomware has become one of the most significant cyber threats facing the operation of private sector organisations”, in its annual cyber threat annual cyber threat report for 2019-20.

The AFP received an additional funding in last years (6 October) federal Budget to combat cybercrime, including $28.9 million in the current financial year (2021-22).

The Shadow Minister for Cyber Security, Tim Watts MP has been urging the Morrison Government to develop robust ransomware policy, publishing a discussion paper on the matter in February.

In March, the Industry Advisory Committee on cyber security issued its first public discussion paper on ransomware: “Locked Out: Tackling Australia’s ransomware threat.”

Also in March, the head of ACSC, Abigail Bradshaw, addressed ransomware extensively in a speech , warning: “We are also seeing an increase in the professional syndicates operating ransomware crime – for example – ransomware as a service, and the coupling of ransomware attacks with DDOS attacks to increase the pressure to pay.” 

Aged care provider UnitingCare Queensland was targeted in a ransom attack in April; and meat processor JBS and Nine Entertainment were hit in May.

On 10 June, the of Australian Signals Directorate (ASD), Rachel Noble, told the parliamentary joint committee on intelligence there has been “a 60 per cent increase in ransomware attacks against Australian entities between this year and last year.” 

Ten days later, Watts introduced a Private Members Bill to require mandatory reporting of ransom payments.

In his speech introducing the draft bill to the House of Representatives, Watts notes Australia's cyber security strategy 2020” only mentions ransomware twice, once in a third-party quote and once in a list of issues the ACSC can provide advice to businesses on.” 

The chair of the government’s Industry Advisory Committee on cyber security, Telstra CEO Andy Penn, released the group’s first annual report on Thursday, 15 July.

It contains extensive warnings about ransomware, including a warning that “rapid growth of ransomware and business email compromise, ‘cybercrime-as-a-service’ whereby criminals with limited technological skills can now buy and use bespoke ransomware and increasing targeting of supply chains.”

The advisory committee also recommends the Morrison Government develop “a clearer policy position on the payment of ransoms by organisations subject to ransomware attacks, as well as undertaking a review of cyber insurance regimes to understand their efficacy in mitigating cyber threats.”

Orcus is a god of the underworld in ancient Roman mythology, the ‘punisher of broken oaths’.

 

Jurisdiction
  • Federal
Category
  • Software
  • Telecommunications
Sector
  • Border Security
  • Defence