- Exclusive
- National
- Information security
This was published 1 year ago
Russia now knows who hacked Medibank, but it’s doing nothing about it
By Nick McKenzie and Amelia Balinger
Russian authorities are stonewalling the Australian Federal Police after its investigators provided detailed intelligence about the identity and location of the criminals responsible for hacking the Medibank Private data of millions of Australians.
AFP Commissioner Reece Kershaw has revealed his agency briefed Moscow via international policing agency Interpol on the individuals and groups responsible for the hack, but his Russian counterparts had provided no assistance in response.
The hack led to highly sensitive personal information being released publicly on the internet.
Kershaw said Russia’s failure to co-operate meant it was providing a haven for cybercriminals.
“Given the fact that we’ve shared some very detailed specific intelligence, we’d like to see a result come back, and we’re still waiting on that front,” Kershaw told this masthead and 60 Minutes. “Police to police, it’s a one-way street at the moment.”
Kershaw’s comments, which were echoed by American and British security chiefs, come six months after he revealed that the Medibank hack emanated from Russia, prompting the Russian ambassador to criticise the AFP for going public but not sharing its intelligence with Moscow.
Following the ambassador’s intervention, Kershaw authorised Australian officials to share with Russia, via Interpol, precise information about the hacker.
Kershaw’s decision to effectively scold Russia underscores the frustration of Australian agencies battling an army of Russian cybercriminals protected by Moscow, while also raising fresh questions about Russia’s continuing membership of Interpol.
Asked to comment on the allegations, a spokesman for the Russian embassy in Canberra said: “Unfortunately, we can’t comment on anything as we are not familiar with these comments.”
The Australian Signals Directorate, the nation’s key cyber and communications spying agency, revealed this month that Russian intelligence services had penetrated Australian computers using Russia’s “snake” cyber-espionage malware, which was subject to a major FBI-led disruption operation.
In addition, the Australian Criminal Intelligence Commission recently declared a group of Russian and Ukrainian hackers a “priority target”, elevating it to a small list of international organised crime groups assessed as posing a grave threat to Australia.
Kershaw’s attack on Russia’s inaction came on the sidelines of a meeting of the Five Eyes law enforcement group in Melbourne. The group comprises major policing agencies from Australia, the US, the UK, Canada and New Zealand.
The most powerful Five Eyes agencies — the FBI and the UK’s National Crime Agency and Metropolitan Police – also attacked Russia for its support of ransomware hackers.
“We’ve seen a whole string of very devastating and destructive cyberattacks which emanate from Russia,” FBI deputy director Paul Abbate said.
“Some were directly carried out and backed by the Russian government, and then, within that, you have the criminal ransomware enterprise as well, which essentially the Russian government has provided safe haven to, which has done significant damage in a different way to our citizens and to our economies.”
Graeme Biggar, director general of Britain’s National Crime Agency, said Russia had created a permissive environment that had allowed cybercriminals to thrive, some of them connected to Russian intelligence agencies.
“The vast majority of the cybercrime in the world, and particularly the ransomware, which is the most threatening to international security, comes from Russian-based, Russian-language cybercrime groups,” he said.
Two months after this masthead revealed ASIO had discreetly expelled from Australia members of an entrenched Russian spy ring, Biggar also warned that Russian spy expulsions in the UK had prompted Moscow’s security apparatus to turn to organised criminals to carry out its dirty work.
He said Russia’s intelligence agencies were using “proxies, including criminals to try and achieve their ends” overseas, while simultaneously providing a haven for international hackers inside Russia.
Biggar also said financial sanctions applied to Putin-linked oligarchs in the UK had forced some to turn to the criminal underworld to move and launder significant sums of money.
While all states, including the Five Eyes partners, engaged in cyber-espionage, countries such as Russia and China target companies and individuals to steal intellectual property and harass dissidents.
Britain’s most senior counter-terror official, Metropolitan Police Assistant Commissioner Matt Jukes, said Russia and Iran were using transnational crime groups to subvert Western democracy.
British police had thwarted 15 murder plots aimed at critics of the Iranian regime living in Britain since January last year, he said.
In February, Home Affairs Minister Clare O’Neil called out Iran for its harassment of Iranians living in Australia, describing a case in which a critic was “followed, watched, photographed and had their home invaded” by Iranian agents.
Jukes said what UK authorities could “see very plainly from Iran is a determination to silence … dissident voices as they perceive them.”
He said British authorities had disrupted 15 “intense, acute, threats” to the lives of Iranians in Britain in 18 months.
Five Eyes police chiefs also described a concerted campaign by the Chinese Communist Party to intimidate and harass diaspora communities in the West, claims long denied by Beijing. The Chinese embassy in Canberra declined an interview request.
On Saturday, this masthead and 60 Minutes also revealed how the FBI was tracking relationships between the Chinese Communist Party and organised criminals operating in Pacific island nations. The FBI said these crime groups had corrupted Pacific island politicians in order to advance China’s sphere of influence in the region.
FBI deputy director Paul Abbate claimed Beijing had enabled transnational crime groups to destabilise Australia and its allies, blaming the Chinese government for failing to curb the huge flow of fentanyl to North America.
Concerns about the overlap between the Chinese Communist Party and transnational criminal entities is among the catalysts for the recent decision by the Australian Criminal Intelligence Commission to use its special intelligence gathering powers to target foreign interference, espionage, bribery and terrorism.
The commission’s acting chief executive, Matt Rippon, confirmed his agency’s board – which is chaired by Kershaw and governed by Australia’s spy and police chiefs – had, in December, authorised operations targeting links between organised crime and national security threats, but declined to single out any state actors.
The National Security Threats Determination is almost certain to focus on the Chinese government’s dealings with organised crime groups, two sources speaking anonymously to discuss confidential information said.
Rippon also revealed the Criminal Intelligence Commission was working with its Five Eyes partners to assess the prospect of America’s fentanyl epidemic being replicated in Australia and to war game how to pre-empt this.
Cut through the noise of federal politics with news, views and expert analysis from Jacqueline Maley. Subscribers can sign up to our weekly Inside Politics newsletter here.