Aussie cyber spies to control critical infrastructure during ransomware attacks

The new bill, if passed, will allow cyberwarfare operatives to take over control of critical infrastructure under attack.

Australia’s top cyber spies are set to gain greater powers in the event of ransomware or other cyber attacks on critical infrastructure.

The Australian Signals Directorate (ASD), a government agency in charge of cyber warfare and information security, would be able to take over control of critical infrastructure — including energy, communications and banking systems — under new legislation introduced into Parliament.

The legislation even includes health care and grocery businesses under the definition of critical infrastructure and imposes new positive security obligations.

For ASD operatives to provide assistance, operators from the affected infrastructure would have to report a serious cyber incident.

According to The Australian newspaper, the Critical Infrastructure Bill will be introduced to parliament, on Wednesday, with bipartisan support from the committee that examined it.

Home Affairs Minister Karen Andrews stated the measures proposed will ensure the safety of essential services that Australians rely on:

“Recent cyber-attacks and security threats to critical infrastructure, both in Australia and overseas, make these reforms critically important.”

But a coalition of Australian and international tech industry groups is opposed to the new law.  “Without significant revision, the bill will create an unworkable set of obligations and set a troubling global precedent,” they wrote in a joint letter.

There have been a string of high-profile ransomware attacks this year, including the Colonial Pipeline cyber attack in the United States in May, which forced governments around the world to rethink their vulnerabilities and highlighted crypto’s role in the attacks.

Another ransomware attack in May, on Australian meat processor JBS, pushed Australian lawmakers to take a tougher stance. A new Ransomware Action Plan, which was released last week, will allow Australian authorities to seize or freeze financial transactions in cryptocurrencies that are associated with cybercrime, regardless of the country of origin.

The Parliamentary Joint Committee on Intelligence and Security said the “threat of cyber security vulnerability and malicious cyber activity has become increasingly evident in recent years” with about a quarter of reported cyber security incidents affecting critical infrastructure organizations.

Related: Chainalysis acquires cybercrime investigative firm Excygent in fight against ransomware attacks