Cyber Security News

Russian cyber sanctions follow Medibank data breach

Justin Lance Marcel Lavadia Feb 7, 2024

2 min read

A man from Russia has faced government sanctions due to his involvement in a data breach that exposed the personal information of over 10 million individuals from Australia. In October 2022, a significant number of Medibank customers experienced a breach of their personal information, which included sensitive details such as names, dates of birth, addresses, and phone numbers. Unfortunately, some of this compromised data found its way onto the dark web.

However, through a collaborative effort involving the Australian Signals Directorate, the Australian Federal Police, and various other agencies and international partners, a connection was established between a Russian citizen and a cybercriminal responsible for the cyber attack. On Tuesday, the Australian government took action by imposing cybersanction powers on Aleksandr Ermakov.

Engaging in any activities related to Ermakov’s assets, such as providing, modifying, utilising, or handling them, including through digital currency wallets or ransomware payments, will now be considered a serious crime. Those found guilty could face a maximum prison sentence of 10 years.

Home affairs minister Clare O’Neil strongly criticised the cybercriminals, referring to them as individuals who use technology to hide and perpetrate their crimes. “Today marks a significant milestone for the security of our nation,” she remarked.

“It has helped us understand that the enormous cost is a problem… and showed us something about the calibre of people we are dealing with. There are a number of Russian cyber gangs at the heart of the threats Australians face, according to the government.

The sanctions imposed are a result of Australia’s efforts to weaken these organisations. According to Abigail Bradshaw, the chief of the Australian Cyber Security Centre, a number of these individuals operate in groups and exhibit a high level of activity. She believes that if we were to publicly identify and name these cybercriminals, it would significantly impede their activities.

Foreign Affairs Minister Penny Wong said the sanctions sent a message. “There are costs and consequences for targeting Australia and targeting Australians,” she said.

“The sanctions are part of Australia’s efforts to ensure that we uphold the international rules-based order.” Opposition cyber security spokesman James Paterson said the Coalition welcomed the sanctions but criticised the length of time between the data breach and the penalties being imposed. “What the Albanese government has not explained is what has taken them so long,” he told Sky News.

“In December 2022, the Department of Foreign Affairs and Trade acknowledged that they provided advice to the minister to do their sanctions, and in May 2023, the Australian Signals Directorate admitted that they had provided technical assistance for an attribution for this to happen.”

According to Paterson, it is highly unlikely that the Russian government will take any action against Ermakov. However, efforts must be made to reduce the risk of future cyberattacks. “Cyber sanctions are important, though, because what we’re trying to do is shape international norms; we’re trying to put a cost to this behaviour,” he said. “We cannot just click our fingers and make this go away.”

Justin Lance Marcel Lavadia

+ posts

Justin Lavadia is a content producer and editor at Public Spectrum with a diverse writing background spanning various niches and formats. With a wealth of experience, he brings clarity and concise communication to digital content. His expertise lies in crafting engaging content and delivering impactful narratives that resonate with readers.