Australia Imposes Sanctions on Russians Linked to Medibank Cyberattack
Australia has taken unprecedented action by naming and imposing sanctions on Russian citizen Aleksandr Ermakov for his alleged role in the Medibank cyber attack. Cybersecurity minister Clair O'Neil revealed in a press conference that Ermakov is a member of the Russian REvil group, which was dismantled in a coordinated international effort in 2021.
The government's response involves a "targeted financial sanction" and a travel ban on Ermakov. The sanctions, authorized under the Autonomous Sanctions Amendment (Magnitsky-style and Other Thematic Sanctions) Act 2021, make it a criminal offense to provide assets to Ermakov, with penalties of up to 10 years' imprisonment and substantial fines. This includes assets managed through cryptocurrency wallets or ransomware payments.
Notably, this marks the inaugural use of the sanctions powers established in December 2021 against a cyber threat actor. The Australian Federal Police had previously identified Russia as the source of the 2022 Medibank attack, leading to calls for the application of "Magnitsky-style sanctions" by Liberal senator James Paterson.
The Medibank breach, which occurred in 2022, resulted in the theft of 9.7 million records and incurred a substantial cost of $46.4 million for the insurer in the 2022-2023 financial year alone. Foreign Minister Penny Wong, Deputy Prime Minister Richard Marles, and Minister O'Neil emphasized that the Australian Federal Police and the Australian Signals Directorate are actively pursuing additional leads in collaboration with other departments and international partners.
This move follows the March 2022 application of the sanctions powers, when then-Foreign Minister Marise Payne applied sanctions to 39 Russian individuals accused of involvement in the death of Sergei Magnitsky, whose name is enshrined in the legislation.
Related Courses and Certification
Also Online IT Certification Courses & Online Technical Certificate Programs