Medibank: Australia imposes sanctions on Russian hacker

Australia has imposed cyber sanctions against a Russian man for his involvement in the breach at Medibank, one of the nation’s largest data thefts affecting approximately 10 million customers.

Home Affairs Minister Clare O’Neil announced targeted financial sanctions and a travel ban against Russian citizen Aleksandr Ermakov, linking him to the Medibank breach during a press briefing.

“These people are cowards and they’re scumbags. They hide behind technology and today, the Australian government is saying that when we put our minds to it, we’ll unveil who you are, and we’ll make sure you are accountable,” O’Neil said.

This is the first time Australia has invoked its cyber sanctions framework  since its enactment in 2021. The sanctions render it a criminal offense, carrying penalties of up to 10 years in jail and fines, to provide Aleksandr Ermakov with any assets, including cryptocurrency wallets or ransomware payments.

While the sanctions may not lead to the hacker’s arrest or necessarily discourage others from targeting Australian assets, Nigel Phair, a cybersecurity professor at Monash University, believes that the government’s action is a positive step forward.

“It puts sand in the gears of the cyber criminals by degrading their efforts to work with others in future criminal pursuits,” Phair said.

In 2022, Medibank revealed that a hacker had compromised the personal information of 9.7 million current and former customers, subsequently releasing the data on the dark web.

The prevalence of cybercrime in Australia has witnessed a significant surge in recent years, manifesting in numerous incidents where companies have been compelled to disclose cyberattacks.

Also Read:  Cyber attacks: Australia to ban payment of ransoms

Last year, Australia revamped its cybersecurity regulations through a comprehensive review, leading to the establishment of a dedicated agency for improved coordination among stakeholders.

A government report in November said state-sponsored cyber groups and hackers had stepped up assaults on Australia’s critical infrastructure, businesses and homes, with one attack every six minutes likely occurring on Australian assets.

In November, hackers targeted DP World Australia, a major port operator, prompting a three-day suspension of operations. In early December, authorities in Victoria revealed a breach in the court recordings database, affecting both recordings and transcription services.