Australia has sanctioned a Russian hacker for his involvement in the Medibank cyber-attack, marking the first time the federal government has used Magnitsky-style powers to name and shame a cyber-criminal.
Foreign Minister Penny Wong revealed the sanctions against 34-year-old Alexander Ermakov on Tuesday following almost 18 months of investigation by the Australian Signals Directorate (ASD) and the Australian Federal Police (AFP).
“Thanks to the hard work of the ASD and the Australian Federal Police, we have linked Russian citizen and cyber criminal Alexander Ermakov to the attack,” Ms Wong said, announcing the attribution and sanctions.
The government has sanctioned a Russian man for his role in a data breach that compromised the personal details of more than 10 million Australians.
In October 2022, at least 10 million Medibank customers had information compromised, including names, dates of birth, addresses, and phone numbers, some of which were published on the dark web.
However, a joint operation conducted by the Australian Signals Directorate and the Australian Federal Police with other agencies and international partners was able to link a Russian citizen and cybercriminal for his role in the cyber attack.
The Australian government responded on Tuesday, imposing cyber sanction powers on Aleksandr Ermakov for the first time.
Thales Australia is well-known globally for its Bushmaster, and now Hawkei, protected military vehicles as Ukraine uses the former in its war against Russia.
Australia has provided Ukraine with 110 Bushmasters to help in its efforts, and now it wants the light-protected mobility vehicle, the Hawkei.
Mr Conroy would not be drawn on whether Australia would send more Hawkei vehicles to Ukraine as publicly requested by its ambassador to Australia Vasyl Myroshnychenko in April.
“We’re focused on delivering what we’ve already committed to the government and people of Ukraine, Mr Conroy said.
“We’re proud to be one of the biggest non-NATO contributors of military aid to Ukraine in their valiant efforts to stop the unprovoked aggression from Vladimir Putin.
Unprecedented security breach in Australia by the Russians
Medibank breach means it will be a criminal offence to provide assets, overhaul, or use or deal with Ermakov’s assets, including through cryptocurrency wallets or ransomware payments – any breaches will be punishable with up to 10 years in prison.
Home affairs minister Clare O’Neil called the cybercriminals “cowards and scumbags who hide behind technology”.
“This is a very important day for cyber security in our country,” she said.
“It has helped us understand the enormous cost is a problem … and showed us something about the calibre of people we are dealing with.
There are several Russian cyber gangs at the heart of the threats Australians face, according to the government.
The sanctions imposed are part of Australia’s efforts to debilitate these organisations.
Australian Cyber Security Centre chief Abigail Bradshaw said that many of them are dynamic and work in clusters, so naming and identifying cybercriminals will hurt their efforts.
Foreign Affairs Minister Penny Wong said the sanctions sent a message.
“There are costs and consequences for targeting Australia and Australians,” she said.
“The sanctions are part of Australia’s efforts to ensure that we uphold the international rules-based order.”
Opposition cyber security spokesman James Paterson said the Coalition welcomed the sanctions but criticised the length of time between the data breach and the penalties being imposed.
“What the Albanese government has not explained is what has taken them so long,” he told Sky News.
“In December (2022), the Department of Foreign Affairs and Trade acknowledged that they provided advice to the minister to do their sanctions, and in May 2023, the Australian Signals Directorate admitted that they had provided technical assistance for an attribution for this to happen.”
Paterson said while it was unlikely Russia’s government would penalise Ermakov, work was needed to minimise the likelihood of further cyber attacks.
“Cyber sanctions are important though, because what we’re trying to do is shape international norms, we’re trying to put a cost to this behaviour,” he said.
“We cannot just click our fingers and make this go away.”
© 2024, GDC. © GDC and www.globaldefensecorp.com. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to www.globaldefensecorp.com with appropriate and specific direction to the original content.