Government Accused of Blocking the Opposition’s Ransomware Bill

Government Accused of Blocking the Opposition’s Ransomware Bill

Back in October 2021, the now-former government introduced a ransomware action plan. It was a 16-page document that told us how bad ransomware is and that combatting it starts with prevention. Helpful in the aftermath of a ransomware event. It then introduced legislation in February to enshrine into law its plan for tackling threat actors who seek money. It was never debated before the government dissolved and the Ransomware Bill slipped into the ether.

Now in Opposition, Shadow Minister for Home Affairs Karen Andrews reintroduced the legislation in September without modification.

The Crimes Legislation Amendment (Ransomware Action Plan) Bill 2022 contains the same as it did when the Coalition was in power. In announcing the Bill in February, Andrews said the criminal law reforms would see tougher offences and penalties introduced for all forms of cyber extortion.

“​These changes will ensure cybercriminals who use ransomware face an increased maximum penalty of 10 years’ imprisonment and criminals targeting Australia’s critical infrastructure will receive a maximum penalty of 25 years’ imprisonment,” her press release reads.

“It will also disrupt and deter cybercriminals who engage in ransomware and cyber extortion activities targeting Australians and Australian businesses.”

All of this, of course, was before the massive data breach and subsequent ransomware demands Optus and Medibank experienced over recent months.

But while a Bill such as this may have been helpful in the aftermath of these ransomware cases, InnovationAus is reporting that the government has been blocking its passage.

Liberal MP Andrew Hastie on Monday revealed that the private member’s Bill is unlikely to progress after being stonewalled by the Parliamentary committee tasked with referring proposed legislation for review.

“Disappointingly, in the week after we introduced the Bill, Labor members on the Selection of Bills Committee blocked it from progressing for further evaluation, despite failing to provide any of their own legislation to deter cyber criminals,” the report quotes Hastie as saying.

“While Labor stalls on legislation the opposition is handing to them on a platter, Australians are continuing to fall victim to data breaches. I ask the government: what are they waiting for? The proof that the cyber domain is getting more dangerous is right in front of them in the ACSC report.”

Here are some key takeaways from the Bill.

  • The Crimes Legislation Amendment (Ransomware Action Plan) Bill 2022 amends the Criminal Code Act 1995, the Crimes Act 1914 and the Proceeds of Crime Act 2002.
  • These three pieces of crime legislation would include the introduction of a maximum imprisonment of 10 years for criminals using ransomware.
  • There’s another 10-year jail time offense for buying and selling malware for the purpose of committing a crime.
  • A 25-year maximum imprisonment for those targeting critical infrastructure would also be introduced.
  • Law enforcement would be given the power to seize cryptocurrency and other digital assets involved in a ransomware incident.

Last year, Labor announced its own ransomware legislation, one that would require organisations to inform the Australian Cyber Security Centre (ACSC) before a payment is made to a criminal organisation in response to a ransomware attack. The Ransomware Payments Bill 2021 flopped when it was introduced into the House of Representatives as the Coalition’s plan took a ‘DO NOT PAY’ stance on ransomware, while the at-the-time Opposition’s one would have instead created a ransomware reporting scheme.

The ransomware Bill is still awaiting movement.

This article has been updated since it was first published.


The Cheapest NBN 50 Plans

It’s the most popular NBN speed in Australia for a reason. Here are the cheapest plans available.

At Gizmodo, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.