Australia reins in ‘coward and scumbag’ Russian hacker
Australia imposed cyber sanctions on Tuesday on a Russian man for his role in a breach at insurer Medibank, in one of Australia’s biggest data thefts, affecting about 10-million customers.
Reports of cybercrime in Australia have spiked in recent years with several companies disclosing hacks, prompting the government to overhaul its cyber security rules in 2023 and set up an agency to help coordinate responses.
Targeted financial sanctions and a travel ban have been imposed on Russian citizen Aleksandr Ermakov after Australian authorities linked him to the breach at Medibank, home affairs minister Clare O’Neil said during a media briefing.
“These people are cowards and they’re scumbags. They hide behind technology and today, the Australian government is saying that when we put our minds to it, we’ll unveil who you are, and we’ll make sure you are accountable,” O’Neil said.
This is the first time Australia has used its cyber sanctions framework since legislating it in 2021. The sanction makes it a criminal offence, punishable by up to 10 years in jail and fines, to provide Ermakov with assets, including cryptocurrency wallets or ransomware payments.
The sanctions may not result in the arrest of the hacker or deter others from targeting Australian assets but the government’s move “is a step in the right direction,” said Nigel Phair, cybersecurity professor at the Monash University.
“It puts sand in the gears of the cybercriminals by degrading their efforts to work with others in future criminal pursuits.”
In 2022, Medibank disclosed that a hacker stole the personal information of 9.7-million customers and released the data on the dark web.
A government report in November said state-sponsored cyber groups and hackers stepped up assaults on Australia’s critical infrastructure, businesses and homes, with one attack every six minutes likely on assets.
In November, Hackers hit DP World Australia, one of the country’s largest ports operators, forcing it to suspend operations for three days. Early in January, Victoria state authorities disclosed court recordings that the database was breached, affecting recordings and transcription services.