The recent cyber attack on Medibank Private in Australia has resulted in the Australian government taking action against a Russian national, Aleksandr Ermakov, who has been identified as the perpetrator of the attack. The attack, which occurred in October, resulted in the theft of approximately 9.7 million Australian dollars worth of critical information, including Medicare numbers, names, associated personal information, and sensitive medical information. The government has stated that several records were leaked on the dark web as a result of the attack.
After 18 months of investigation, the Australian Signals Directorate, Federal Police, and partner agencies were able to link Ermakov to the cyber assault. In response, the Australian government has imposed a “targeted financial sanction” on Ermakov, as well as a domestic ban. This prohibits the supply, utilization, and deals with the individual’s assets, including the use of cryptocurrency wallets and ransomware payments. Failure to comply with these prohibitions is considered a criminal offense and can result in up to 10 years of imprisonment and heavy fines.
Australian Foreign Affairs Minister Penny Wong stated that the use of these powers sends a clear message that there are consequences for targeting Australia and Australians. The government is determined to hold cybercriminals accountable and make Australia more secure at home to keep Australians safe.
This case marks the first application of Australia’s autonomous cyber sanction outlined in Canberra’s latest digital security framework. The government is committed to condemning malicious cyber activity and working with partners to punish individuals who attempt to perpetrate cybercrime in the country. Australian Cyber Security Minister Clare O’Neil emphasized the importance of hardening defenses and putting layers of protection around Australians and Australian businesses, including working with industry to break the ransomware business model.
The Australian government’s decision to sanction Ermakov is a significant step in their efforts to combat cybercrime and protect the country’s digital infrastructure. By applying targeted sanctions and imposing domestic bans, the government is sending a strong message that there will be consequences for those who engage in malicious cyber activity. The use of cryptocurrency wallets and ransomware payments is now illegal in relation to Ermakov, and failure to comply with these prohibitions can result in harsh penalties.
Overall, the Australian government’s response to the cyber attack on Medibank Private demonstrates their commitment to holding cybercriminals accountable and ensuring the security of Australians and Australian businesses. The application of the autonomous cyber sanction and the ongoing efforts to strengthen the country’s cyber security framework are crucial steps in safeguarding against future cyber threats.