The Crimes Legislation Amendment (Ransomware Action Plan) Bill has been introduced into the House of Representatives.

If passed, the Bill will amend the Criminal Code Act 1995, the Crimes Act 1914 and the Proceeds of Crime Act 2002 to modernise criminal offences and procedures to respond to the threat of ransomware.

The Bill will implement the Government’s plan for recovery mechanisms for ransomware victims, and disrupt and deter the perpetrators of ransomware attacks. Background.

The Bill introduces measures to address these challenges in order to:
1 ensure that that criminals are deprived of the benefits of their crimes and are deterred from further criminal activity;
2 disrupt and combat serious and organised crime; and
3 ensure that freezing orders, notices to financial institutions, and monitoring orders can be made in relation to digital currency exchanges.

A financial institution will commit an offence if it allows a withdrawal from or transaction involving an account, which is subject to a freezing order, where the withdrawal or transaction contravenes the order.

The Bill introduces a stand-alone offence of “dealing with data obtained by unauthorised access or modification”.

This offence criminalises the conduct of a person dealing with data obtained by unauthorised access or modification if:
• a person dishonestly obtains data, or causes any access to data, or causes any modification to data, or causes any release of data to one or more persons,
• the person does so using a carriage service, and
• the data has been obtained (whether or not by the person) by any unauthorised access to data or modification of data held in a computer.

If you found this article helpful, then subscribe to our news emails to keep up to date and look at our video courses for in-depth training. Use the search box at the top right of this page or the categories list on the right hand side of this page to check for other articles on the same or related matters.