Hunt for hackers begins: Australia to investigate Russian cyber criminal’s associates – Sydney Morning Herald

We’re sorry, this feature is currently unavailable. We’re working to restore it. Please try again later.
This was published 5 months ago
Add articles to your saved list and come back to them any time.
Australia will work with international allies to investigate associates of Russian cyber hacker Aleksandr Ermakov who was named by the federal government as the person responsible for the 2022 Medibank hack that compromised the information of more than 4 million Australians.
Foreign Minister Penny Wong, Home Affairs Minister Clare O’Neil and Deputy Prime Minister Richard Marles announced at a joint press conference in Canberra on Tuesday that cyber sanctions laws had been used for the first time in response to the “egregious violation”.
“I can confirm that thanks to the hard work of the Australian Signals Directorate (ASD) and the AFP [Australian Federal Police], we have linked Russian citizen and cybercriminal Aleksandr Ermakov to the attack,” Senator Wong said.
It is expected other ally countries will be imposing similar sanctions against Ermakov overnight, a senior government source confirmed on the condition of anonymity as they were unauthorised to speak publicly ahead of the announcement.
The personal information of customers of the country’s largest health insurer were harvested in an event that caused anger among those affected for the response from the company.
The 9.7 million stolen records from current and former customers included names, addresses, birth dates, Medicare numbers, contact information and claims data from the private health insurer.
Investigations into the Medibank hack are ongoing, Marles said at the press conference, following an international operation that involved the United States and United Kingdom governments as well as companies including Microsoft.
The sanctions against Ermakov include financial penalties and a travel ban, meaning it is a criminal offence of up to 10 years imprisonment for individuals to provide assets to Ermakov or to use or deal with his assets, including through cryptocurrency wallets or ransomware payments.
“It has been a painstaking effort to get to the point of naming this individual but we continue to investigate on this,” Marles said.
The federal government has named Aleksandr Ermakov as the person responsible for the 2022 Medibank hack.Credit: Department of Foreign Affairs and Trade
Arresting Ermakov would be the next step for the AFP, said chief strategy officer of CyberCX Alastair MacGibbon.
“Charging in absentia and having a warrant out for him will be the next thing and that’ll put him on watch lists around the world, which means if he travels under his real name or known aliases, he would be arrested by a whole range of countries,” he said.
An AFP spokesperson confirmed it was working with partner agencies to continue implementing “cutting-edge methods” of evidence and intelligence collection to identify all individuals responsible for the illegal online activity against Medibank.
“The AFP will not comment further on aspects of the investigation or who is being investigated. All opportunities will be explored,” the spokesperson said.
Ermakov is a 34-year-old Russian citizen and cyber criminal who was identified under a joint operation by the ASD and AFP. The naming of Ermakov was part of the ASD’s approach to disrupt the business of Russian cyber criminal syndicates.
Aleksandr Ermakov.Credit: Department of Foreign Affairs and Trade
The deputy director general of the ASD, Abigail Bradshaw, said identifying Ermakov would affect Russian cybercriminal syndicates and gangs that were dynamic and had multiple partners.
“We know a lot about Mr Ermakov through our analysis and what we do know is that cybercriminals trade in anonymity, it is a selling quality and so naming and identifying with the confidence that we have from our technical analysis will most certainly do harm to Mr Ermakov’s cyber business,” she said.
Coalition home affairs spokesman James Paterson welcomed the sanctions, but said it was unclear why it had taken so long.
“The opposition first called on [the government] to do so in November 2022, and they’ve been sitting on advice from their departments and agencies for more than a year recommending they do so,” he said.
Cut through the noise of federal politics with news, views and expert analysis from Jacqueline Maley. Subscribers can sign up to our weekly Inside Politics newsletter here.
Copyright © 2024

source

Leave a Reply

Your email address will not be published. Required fields are marked *