TRANSCRIPT
The Medibank cyber breach in 2022 was deemed the most devasting cyber-attack in the nation's history.
After the personal data of almost 10-million Australians was stolen, much of it was shared on the dark web.
The Home Affairs and Cyber Security Minister Clare O'Neil says the cost of this hack was massive but the government has made progress in its in pursuit to find those responsible.
“These people are cowards and they're scum bags. They hide behind technology and today the Australian government is saying, that when we put our minds to it, we'll unveil who you are, and we'll make sure you are accountable.”
The Australian Federal Police and Australian Signals Directorate have identified the individual linked to the Medibank attack -- Russian citizen Aleksandr Ermakov.
The Deputy Prime Minister Richard Marles announced for the first time the federal government has used a 2021 law to impose cyber sanctions, including a travel ban.
“With these agencies, there's an enormously powerful effect which can be brought to bear in holding cyber-criminals to account and the sanctions that are put in place on Aleksandr Ermakov today and publicly naming him will have an enormous impact on his activities and send a very strong message to cyber-criminals around the world.”
The sanctions mean it's a criminal offence to provide assets to him... punishable by up to 10 years in prison.
Ermakov is a member of the Russian hacker group 'REvil'.
It's just one of many criminal syndicates.
Chief Executive Officer of the Cyber Security Research Centre Rachel Falk says this may have little personal consequence... but it is significant.
“It will be harder for him to travel and move assets around the Five Eyes nations and he won't be able to visit Australia and he might not care about that. But what it means is it's really super important that we have a position where the agencies and government are standing firm.
In a statement a spokesperson for Medibank said thanked the government: "for its work in identifying and pursing a criminal responsible. Since the cybercrime event we have supported our customers through our Cyber Response Support Program. We know we can still do more..."
Opposition Spokesperson for Home Affairs and Cyber Security James Paterson says it's taken too long for this action.
“It was in November 2022 that I first called on the government to use these powers in relation to the Russian backed hackers who attacked Medibank because the Australian Federal Police had already publicly attributed it to Russian hackers... So what's taken so long?”
This international investigation involved intelligence agencies in the US and UK.
Russia's Ambassador to Australia was notified by the Department of Foreign Affairs and Trade of the Government's decision on Tuesday.
A spokesperson from the Embassy in Canberra told SBS: "The Ambassador was very explicitly advised that the Australian Government has no knowledge of any connections of Ermakov to the Russian Government."
Surprisingly, that significant point was completely left out.
