November 13, 2022
A PARTNERSHIP between the Australian Federal Police and foreign signals intelligence agency will work to bring down Russian criminals responsible for the Medibank hack.
Home Affairs Minister Clare O’Neill said the “Russian thugs” behind the cyber attack should “watch out”.
“The smartest and toughest people in our country are going to hack the hackers,” she said.
A group of cyber criminals based in Russia was the likely culprit behind the Medibank hack, according to AFP Commissioner Reece Kershaw.
He said police knew the identities of those involved and asked law enforcement in Moscow to co-operate. Attorney-General Mark Dreyfus said “all options are under consideration” when considering whether to expel Russian diplomats.
Medibank chief executive David Koczkar said he expected the group would “continue to release stolen customer data” each day.
The Russian Embassy in Australia issued a statement saying the AFP had not contacted it about the claims.
“For some reason, this announcement was made before the AFP even contacted the Russian side through the existing professional channels of communication,” it said.
“We encourage the AFP to duly get in touch with the respective Russian law enforcement agencies.”
The Russian government is likely to know about the ransomware group and may even know about the Medibank hack, an Australian security expert says.
Australian Strategic Policy Institute director Fergus Hanson said he would not be surprised if the Russian government “knew all about this group and potentially even about this operation”.
Mr Hanson told ABC News cyber criminals operated in many countries on behalf of states or with the “tacit support” of governments.
Mr Hanson said the chances of Moscow handing over cyber criminals to Australian authorities were “almost zero”.
The hackers this week posted three tranches of Medibank customers’ private health information on the dark web.
The data in the file posted on Friday is understood to include information about mental health and alcohol issues and follows the release of sensitive information on pregnancy terminations.
The people claiming to responsible – posting on a dark web blog linked to the Revel Russian ransomware group – said they sought $US10m($A15m) from Medibank to prevent the data leak. Medibank refuses to pay a ransom.
Opposition James Paterson called on the government to consider sanctions under the Magnitsky legislation, which enables financial sanctions and travel bans in response to human rights violations, corruption or cyber crimes.