Australia Sanctions Russian National for 2022 Cyberattack
The Australian government has sanctioned a Russian national for his role in a cyber attack on Canberra in 2022.
The activity was recorded in October and involved a data breach on healthcare insurance agency Medibank Private.
About 9.7 million Australian dollars ($6.3 million) worth of critical information was stolen, including Medicare numbers, names, associated personal information, and sensitive medical information.
Several records were leaked on the dark web, according to the government.
Aleksandr Ermakov Identified
The Australian Signals Directorate, Federal Police, and partner agencies linked Russian citizen Aleksandr Ermakov to the cyber assault following 18 months of investigation.
Under the penalty, Australia imposed a “targeted financial sanction” as well as a domestic ban on Ermakov.
This makes the supply, utilization, and deals with the individual’s assets illegal, including the use of cryptocurrency wallets and even ransomware payments.
Failure to comply with these prohibitions is a criminal offense punishable by up to 10 years of imprisonment and heavy fines.
“The use of these powers sends a clear message – there are costs and consequences for targeting Australia and Australians,” Australian Foreign Affairs Minister Penny Wong stated.
“The Albanese Government will continue to hold cybercriminals to account. This is an incredible effort from our cyber and intelligence teams. We are using all elements of our national power to make Australia more secure at home and to keep Australians safe.”
Applying Cyber Security Strategy
According to the government, Ermakov’s case saw the first application of Australia’s autonomous cyber sanction outlined in Canberra’s latest digital security framework.
“The Australian Government condemns malicious cyber activity, and we will work with our partners and do everything in our power to punish individuals who attempt to perpetrate cyber crime in this country,” Australian Cyber Security Minister Clare O’Neil said.
“Through the 2023-2030 Australian Cyber Security Strategy, we are hardening our defences and putting layers of protection around Australians and Australian businesses. This includes working with industry to break the ransomware business model.”