This is Russian citizen Aleksandr Ermakov – the person allegedly responsible for the cyber-attack on Medibank that exposed data from more than 9.7 million Australians.
The Australian Government will be using its international cyber sanction powers for the very first time against the baby-faced Russian believed responsible for the hack in 2022.
After a lengthy investigation by the Australian Signal Directorate (ASD) and the Australian Federal Police they were able to identify Aleksandr Ermakov as the alleged architect of the massive cyber breach which saw the personal data and health records of more than 9.7 million Australians leaked on the dark web.
At a press conference today, Foreign Affairs Minister Penny Wong outlined the sanctions against Ermakov.
These include financial sanctions and a travel ban.
This means it is a criminal offence punishable by up to 10 years in jail for anyone who provides assets to Ermakov including cryptocurrency or using any of his assets or making any ransomware payments.
“It sends a clear message that there are costs and consequences for targeting Australia and for targeting Australians,” Ms Wong said.
“These sanctions are part of Australia’s efforts to ensure that we uphold the international rules based order an upholding the norms of responsible state behaviour inside the space.
“As I have often said we wish to use all elements of our national pattern to hold these rules and to keep Australian safe and secure we will continue to hold cybercriminals to account.”
Defence Minister Richard Marles says Australia’s authorities have been working with officers from the US, New Zealand, Canada and the UK in their investigation that linked Ermakov to the Medibank data breach.
“This is a demonstration of how working with our partners, with these agencies, there is an enormously powerful effect which can be brought to bear in holding cyber criminals to account,” Marles said.
“And the sanctions that are being put in place on Alexander Ermakov today and publicly naming him will have an enormous impact on his activities and send a very strong message to cybercriminals around the world that we mean business.”
Home Affairs Minister Clare O’Neil described the Medibank cyber-attack as one of the worst Australia has ever seen.
It has also provided the government with a first-hand look at the effect and cost the attack has had on Australians.
“It also showed us something about the calibre of people we are dealing with in terms of this problem … these people are cowards, and they are scumbags, they hide behind technology,” Ms O’Neil said.
The moves by the Australian Federal Government are sending a clear message to the cyber criminals and figures like Ermakov and other Russian syndicates that Australia is not going allow these costly data breaches to go unpunished.
The fact Ermakov was identified as a person of interest in the Medibank cyber-attack is a huge step and demonstrates that it is possible to drag these online offenders from the shadows and into the light for all to see.
