This is the first time Australia has used its cyber sanctions framework since legislating it in 2021. The sanction makes it a criminal offence, punishable by up to 10 years in jail and fines
Australia on Tuesday imposed cyber sanctions on a Russian man for his role in the breach at insurer Medibank, one of the country’s biggest data thefts which impacted about 10 million customers.
A Russian national has been sanctioned by the Australian government for his role in a cyber attack that compromised the personal information of more than 10 million Australians.
In October 2022, client data from Medibank, Australia’s largest health insurer, was released by an extortionist, including details of HIV diagnoses and drug abuse treatments, after the company refused to pay a ransom for the personal records of current and former customers.
On Tuesday, the Australian government imposed its cyber sanction powers for the first time against Aleksandr Ermakov after Australian Federal Police and intelligence agencies, with support from undisclosed global partners’ made the link between the Russian citizen and the cyber attack.
Australian Deputy Prime Minister Richard Marles said the sanctions imposed are part of Australia’s efforts to expose cyber criminals and debilitate groups engaging in cyber attacks.
“In our current strategic circumstances we continue to see governments, critical infrastructure, businesses and households in Australia targeted by malicious cyber actors,” Marles said in a statement on Tuesday.
Reports of cybercrime in Australia have spiked over recent years with several companies disclosing hacks, prompting the government last year to overhaul its cyber security rules and set up an agency to help coordinate responses.
Targeted financial sanctions and a travel ban have been imposed on Russian citizen Aleksandr Ermakov after Australian authorities linked him to the breach at Medibank, Home Affairs Minister Clare O’Neil said during a press briefing.
“These people are cowards and they’re scumbags. They hide behind technology and today, the Australian government is saying that when we put our minds to it, we’ll unveil who you are, and we’ll make sure you are accountable,” O’Neil said.
This is the first time Australia has used its cyber sanctions framework since legislating it in 2021.
“We continue to work with our friends and partners around the world to ensure cyber criminals are held to account for their actions and we will relentlessly pursue activities which disrupt their capability to target Australians in the cyber space,” he said.
This sanction makes it a criminal offence, punishable by up to 10 years’ imprisonment, to provide assets to Ermakov, or to use or deal with his assets, including through cryptocurrency wallets or ransomware payments.
The sanctions may not result in the arrest of the hacker or deter others from targeting Australian assets but the government’s move “is a step in the right direction,” said Nigel Phair, cybersecurity professor at the Monash University.
“It puts sand in the gears of the cyber criminals by degrading their efforts to work with others in future criminal pursuits,” Phair said. Medibank in 2022 disclosed that a hacker stole the personal information of 9.7 million current and former customers, and released the data on the dark web.
A government report in November said state-sponsored cyber groups and hackers had stepped up assaults on Australia’s critical infrastructure, businesses and homes, with one attack every six minutes likely occurring on Australian assets.
Hackers in November hit DP World Australia, one of the country’s largest ports operators, forcing it to suspend operations for three days. Victoria state authorities early this month disclosed court recordings database was breached, impacting recordings and transcription services.