Medibank: Russian government issues statement after AFP reveal hack came from Russia

Share

Australians are being warned that the cyberattacks on Australia will get worse as the hackers gain “notoriety” from their identity being revealed by the AFP.

A group of cyber criminals based in Russia were identified as the likely culprits behind the Medibank hack this week, according to newly released intelligence from AFP Commissioner Reece Kershaw.

Medibank chief executive David Koczkar said he expected that the group would “continue to release stolen customer data each day”.

“The relentless nature of this tactic being used by the criminal is designed to cause distress and harm,” he said.

“It’s obvious the criminal is enjoying the notoriety.”

The Russian Embassy in Australia issued a kurt statement after the Australian Federal Police said they believe the culprits behind the Medibank cyber attack were from the country.

“We believe those responsible for the breach are in Russia,” Commissioner Kershaw said.

“These cyber criminals are operating like a business with affiliate and associates who are supporting the business.”

The Russian Embassy released a statement saying that the AFP had not contacted them in regards to the claims.

“For some reason, this announcement was made before the AFP even contacted the Russian side through the existing professional channels of communication,” the statement read.

“We encourage the AFP to duly get in touch with the respective Russian law enforcement agencies.

The Russian government is likely to know about the ransomware group behind the Medibank breach and may even know about the hack itself, an Australian cyber security expert has said.

AFP Commissioner Reece Kershaw said Australian authorities knew the identities of the individuals involved and called on law enforcement in Moscow to co-operate with the investigation.

Australian Strategic Policy Institute director Fergus Hanson said he wouldn’t be surprised if the Russian government “knew all about this group and potentially even about this operation”.

“It looks like it’s motivated by financial gain and that is what the (AFP) Commissioner has pointed to,” he told ABC news.

“So it sounds like a group operating as a business. The links to the state are yet to be talked about by officials.”

Mr Hanson said cyber criminal groups operated in many countries either on behalf of the state or with the “tacit support” of the government.

“Almost certainly these groups inside Russia are known to the Russian government and tolerated if not supported,” he said.

Mr Hanson said the chances of Moscow handing over the cyber criminals to Australian authorities to face the legal system were “almost zero”.

Labor frontbencher Tanya Plibersek condemned the hackers as “disgusting” and “revolting” human beings.

“We want to do anything in this government’s power, both to catch those responsible, to hold them to account, but also to work with companies that hold such vast amounts of people’s data to make sure that they are doing it safely,” Ms Plibersek told ABC News.

The group behind the cyber attack has this week posted three tranches of Medibank customers’ private health information on the dark web.

The data in the file posted on Friday is understood to include information about mental health and alcohol issues and follows the release of sensitive information on pregnancy terminations on Thursday.

The people claiming to responsible — posting on a dark web blog linked to the Revel Russian ransomware group — had said they sought $US10m ($A15.1m) from Medibank to prevent the data leak.

Medibank has refused to pay a ransom, a move which the federal government has supported.

Opposition cyber security spokesman James Paterson has called on the government to consider imposing sanctions under the Magnitsky legislation on those responsible for the hack.

“While Australia has yet to use Magnitsky sanctions against perpetrators of serious cyber attacks, this would be a prime candidate,” Senator Paterson said.

The legislation enables the imposition of targeted financial sanctions and travel bans on individuals in response to serious human rights violations and abuses, serious corruption and significant cyber incidents.

Senator Paterson welcomed the AFP’s decision to publicly disclose that the hackers were operating from Russia.

“The threat of having their identities revealed is a powerful deterrent for malicious online behaviour,” he said.