After eight Australian companies including Optus and Medibank have suffered cyberattacks and data breaches since September, the Australian government is taking drastic measures. Minister for Home Affairs and Cybersecurity Clare O’Neil said the government is formalizing a “permanent partnership” between the Australian Federal Police (AFP) and the Australian Signals Directorate to perform “new tough policing” on cybercrime.
O’Neil did not mince words, stating that “the taskforce would day in, day out, hunt down the scumbags who are responsible for these malicious crimes.”
The new taskforce will “hack the hackers” behind the recent breaches. The cyber operatives will use the same cyber weapons and tactics as cybercriminals use, to hunt them down and eliminate them as a threat.
While Australia is not publicly confirming those responsible for recent breaches, they have at least acknowledged it is Russian-based.
Attorney General Mark Dreyfus commented, “I won’t be commenting on operational matters…but what we do know… is that it is a very organized criminal gang and that it is located in Russia,” he said.
This offensive approach by Australia is intriguing as it represents a small minority of governments who willingly admit to offensive cyber operations to protect and deter further attacks on their own soil.
It was only in 2016 when Australia first admitted to offensive cyber capabilities within the Australian Signals Directorate.
Since then, Australia has only deployed cyber weapons against a few publicly acknowledged instances. In 2016, they performed cyber operations against ISIS, and during the COVID-19 pandemic against scammers.
There is no doubt that this new stance on cyber offense operations will both raise Australia’s profile in the cyber domain, as well as put a larger target on its back.
