Australia Medibank Hack: Authorities Sanction Russian Man Over 2022 Cyber-Attack

Russian citizen sanctioned under new law over link to 2022 Medibank Private data breach.

Australian authorities sanctioned a Russian man over the 2022 cyber-attack on Medibank, the first time that the nation has used its new cyber sanctions powers.

The sanctions were handed out over the suspect's alleged connection with the private data breach of Medibank. In late 2021, Magnitsky-style sanctions laws were introduced in Australia and included a world-leading measure to allow the imposition of Australian travel bans and asset freezes.

Australia Medibank Hack: Authorities Sanction Russian Man Over 2022 Cyber-Attack
Australian authorities announced sanctions against Russian citizen Aleksandr Ermakov over his alleged connection to the Medibank Private data breach in 2022. Muhammad FAROOQ / AFP) (MUHAMMAD FAROOQ/AFP via Getty Images

This would affect individuals and entities that are allegedly involved in "significant" cyber-attacks in the region. Australia, similar to other nations, has adopted sanctions laws named after the late corruption whistleblower Sergei Magnitsky.

The new measures generally target individuals who are believed to be connected to serious corruption or violations of human rights. However, Australia's laws also allow sanctions to punish allegedly malicious cyber activity.

On Tuesday. , the nation's local government announced that it was imposing sanctions under the new law on 33-year-old Russian citizen Aleksandr Gennadievich Ermakov. Officials released a statement saying that police and intelligence agencies worked with international partners to link the suspect to the compromise of the Medibank Private network, as per The Guardian.

Authorities argued that the decision makes the act a "criminal offense, punishable by up to 10 years' imprisonment and heavy fines, to provide assets to Aleksandr Ermakov, or to use or deal with his assets, including through cryptocurrency wallets or ransomware payments."

There were roughly 9.7 million customer records that were taken in the Medibank Private data breach, which includes dates of birth as well as Medicare numbers. The records also included sensitive medical information, such as procedures claimed by policyholders related to the termination of pregnancy and miscarriages.

In a previous statement, Australian federal police commissioner Reece Kershaw said that he was in possession of intelligence that hackers in Russia were allegedly responsible for the massive hack.

The latest development follows an investigation by the Australian Signals Directorate (ASD) and the Australian Federal Police (AFP). Australian Foreign Affairs Minister Penny Wong said that the sanctions against Ermakov will include a travel ban and "targeted financial sanctions," according to 9News.

Russian Citizen Sanctioned

Wong said that the Medibank hack was an egregious violation that impacted some of the most vulnerable members of the Australian community. She argued that the use of the new powers sends a clear message, which is that such crimes have consequences when they target Australia and its people.

Speaking alongside Wong were Defense Minister Richard Marles and Home Affairs Minister Claire O'Neal. Marles said that Australian officials worked alongside partners in the Five Eyes intelligence alliance, which includes the United States, New Zealand, Canada, and the United Kingdom to link the Russian citizen to the data breach.

While there have been scant details released related to Ermakov and his background, Australian intelligence authorities believe that he is a member of the infamous Russian cyber-crime gang REvil. The group has been linked to several attacks across a variety of regions, including Europe, the U.S., and the UK.

During the announcement of the charges against the Russian citizen, O'Neil described the Medibank hack as the "single most devastating cyber-attack we have experienced as a nation," said BBC.


Related Article:

Russia's Foreign Minister Rules Out Any Peace Plan Backed by Ukraine, US as China Warns Further Global Chaos

Tags
Australia, Data Breach, 2022
Real Time Analytics