By Renju Jose
SYDNEY (Reuters) -Australia, the United States and Britain on Tuesday imposed cyber sanctions on a Russian man for his role in the breach at insurer Medibank, one of the country’s biggest data thefts which impacted about 10 million customers.
Reports of cybercrime in Australia have spiked over recent years with several companies disclosing hacks, prompting the government last year to overhaul its cyber security rules and to set up an agency to help coordinate responses.
Targeted financial sanctions and a travel ban have been imposed on Russian citizen Aleksandr Ermakov after Australian authorities linked him to the breach at Medibank, Home Affairs Minister Clare O’Neil said during a press briefing.
“These people are cowards and they’re scumbags. They hide behind technology and today, the Australian government is saying that when we put our minds to it, we’ll unveil who you are, and we’ll make sure you are accountable,” O’Neil said.
This is the first time Australia has used its cyber sanctions framework since legislating it in 2021. The sanction makes it a criminal offence, punishable by up to 10 years in jail and fines, to provide Ermakov with any assets, including cryptocurrency wallets or ransomware payments.
The sanctions may not result in the arrest of the hacker or deter others from targeting Australian assets but the government’s move “is a step in the right direction,” said Nigel Phair, cybersecurity professor at the Monash University.
“It puts sand in the gears of the cyber criminals by degrading their efforts to work with others in future criminal pursuits,” Phair said.
The U.S. Treasury Department on Tuesday said in a statement that Washington and Britain also imposed sanctions on Ermakov because of the risk he poses. The U.S. action freezes his U.S. assets and generally bars Americans from dealing with him.
“Today’s trilateral action with Australia and the United Kingdom, the first such coordinated action, underscores our collective resolve to hold these criminals to account,” Treasury’s Under Secretary for Terrorism and Financial Intelligence, Brian Nelson, said.
Medibank in 2022 disclosed that a hacker stole the personal information of 9.7 million current and former customers, and released the data on the dark web.
A government report in November said state-sponsored cyber groups and hackers had stepped up assaults on Australia’s critical infrastructure, businesses and homes, with one attack every six minutes likely occurring on Australian assets.
Hackers in November hit DP World Australia, one of the country’s largest ports operators, forcing it to suspend operations for three days. Victoria state authorities early this month disclosed court recordings database was breached, impacting recordings and transcription services.
(Reporting by Renju Jose in Sydney; Editing by Stephen Coates and Bernadette Baum)