Close this search box.

It’s on. Australia finally moves to crack down on ransomware


The Australian government is planning to introduce tougher criminal offences and penalties for ransomware crooks as well as a mandatory reporting regime for victims of ransomware attacks. 

Home Affairs minister Karen Andrews today introduced a new “ransomware action plan” intended to “hit cybercrooks where it hurts most – their bank balances”. 

Ransomware incidents in Australia jumped by 15 percent over the past year. 

The plan – currently light on detail – will see new standalone aggravated criminal offences with harsh penalties introduced for all forms of cyber extortion as well as ransomware attacks that target critical infrastructure. 

Dealing with stolen data that has been knowingly obtained illegally will also become a crime, as will buying or selling malware for use in cyber crimes. 

The government also said it would update legislation to allow law enforcement to better track, seize or freeze cryptocurrency-based ransomware transactions.  

And victims of ransomware with a turnover of more than $10 million will be required to report the incident to government under new additional legislation. 

The mandatory reporting regime will allow government to “enhance our understanding of the threat and enable better support to victims”, Andrews said. Ransomware victims could be hit with civil penalties if they fail to comply. 

The proposal comes after the Australian Signals Directorate revealed it had experienced difficulty on occasion getting co-operation from some large victims of ransomware. 

ASD director-general Rachael Noble earlier this year said the agency had only discovered a ransomware attack of “national” significance through media reports, and subsequently struggled to gain information from the victim firm itself.  

Transport giant Toll Group later outed itself as the entity ASD was referencing, but argued it had worked closely with the agency without any issues being raised at the time. Toll did however concede “we may not have responded at the pace the ASD may have expected due to the crises we were experiencing”. 

The detail of the new reporting regime and criminal offence changes are yet to be revealed.  

The changes add to proposed laws for critical infrastructure operators currently before parliament that would introduce minimum cyber security standards and allow government to intervene in active attacks. Many organisations are also already required to report data breaches impacting personal information to the OAIC. 

Consultation will now be undertaken with relevant stakeholders on the mandatory reporting regime and new criminal offences, the government said.

The planned changes somewhat mimic a number of measures being undertaken by the US government to similarly disrupt the ransomware industry. 

US President Joe Biden announced a four-pronged strategy to target ransomware actors in July, largely aimed at cracking down on their financial transactions, making US firms more resilient to hacking, and strengthening joint international efforts. 

Last month it started to follow through on a pledge to sanction financial exchanges that facilitate ransomware payments. Bipartisan legislation to mandate that certain firms and federal agencies report cyber attacks to the US government is expected to be introduced imminently

And later this month Biden will host officials from 30 countries as part of a Counter-Ransomware Initiative meeting that will look at how best to combat ransomware and other forms of cyber crime. 

Ahmed Khanji

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian Enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.


Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235


Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →



Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution



A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →