November 12, 2022
Russia has been named as being behind the Medibank Private hack but Australia faces an uphill battle to extract the perpetrators from a nation where cybercriminals enjoy the tacit protection of President Vladimir Putin.
In an unusual move, the Australian Federal Police revealed on Friday the attack originated from a Russian network with “some affiliates” possibly operating in other countries.
The announcement came at the request of Prime Minister Anthony Albanese who slammed Russia and said it should beheld accountable.
AFP Commissioner Reece Kershaw, pictured right, said he knew the individuals responsible but wouldn’t name them, instead hoping talks with Russian authorities would open up a pathway to prosecution.
Reports later suggested the hackers were members of one of about 20 Russian major cybercriminal groups which the Kremlin largely tolerates.
According to Barron’s magazine, Mr Putin’s regime allows the gangs to operate as long as they target the West and don’t harm Russian interests.
“The rules for Russian hackers are simple: Don’t hack Russian language sites; don’t say no if the Kremlin or the FSB security agency ask for a favour; and share the loot when requested,” the magazine reported earlier this year.
The hackers have demanded $15 million ransom from Medibank for the return of the hacked data which includes personal details and sensitive medical information.
Medibank has refused and several files have now been published on the dark web. A file titled “boozy” had the personal information of more than 240 people, and comes after the release of one labelled “abortions” the day before.
Mr Kershaw said AFP intelligence pointed to a group of loosely affiliated cybercriminals who were likely responsible for significant past breaches in other countries.
“These cybercriminals are operating lots of business with affiliates and associates who are supporting the business,” he said. “We know who you are and moreover the AFP has some significant runs on the scoreboard when it comes to bringing overseas offenders back to Australia to face the justice system.
“This cyber attack is an unacceptable attack on Australia and it deserves a response that matches the malicious and far reaching consequences that this crime is causing.”
Mr Albanese said he was “disgusted” by the criminals’ actions.
“The nation where these attacks are coming from should also be held accountable for the disgusting attacks, and the release of information, including very private and personal information,” he said.
“I say to those people who are distressed by this disclosure, we stand with you at this time.”
Shadow cybersecurity minister James Paterson welcomed the decision to name Russia as the source country and said this opened up the possibility of applying sanctions on those who protected the attackers.
The Medibank and Optus hacks have prompted the Federal Government to strengthen its privacy laws by introducing legislation where companies that leave the personal data of customers open to hackers could face hundreds of millions of dollars in fines.
Medibank chief executive David Koczkar warned he expected the group to “continue to release stolen customer data each day”.
“The relentless nature of this tactic being used by the criminal is designed to cause distress and harm,” Mr Koczkar said.
“These are real people behind this data and the misuse of their data is deplorable and may discourage them from seeking medical care.
“It’s obvious the criminal is enjoying the notoriety. Our single focus is the health and wellbeing and care of our customers.”
Medibank is preparing to offer customers support for mental health, identity protection and financial hardship.
