AFP reveal Russia behind Medibank cyber attack
The Russian Embassy has hit out at the AFP’s bombshell announcement about the identity of the Medibank hackers.
National
Don't miss out on the headlines from National. Followed categories will be added to My News.
Moscow has claimed it was blindsided by the news the Austraian Government believes Russian hackers are behind the Medibank hack.
The Russian Embassy said it was not told ahead of AFP Commissioner Reece Kershaw’s announcement on Friday where he revealed Russian hackers are to blame for the hacking of millions of Australians private data.
“For some reason, this announcement was made before the AFP even contacted the Russian side through the existing professional channels of communication.
“We encourage the AFP to duly get in touch with the respective Russian law enforcement agencies,” the stateent said.
“Fighting cybercrime that adversely affects people’s lives and damages businesses demands a cooperative, non-politicised and responsible approach from all members of the world community.”
In an extraordinary statement, AFP Commissioner Reece Kershaw confirmed that the theft of data and medical records in a ransom attack had come from hackers based there.
The move to disclose the nationality of the attackers was seen as a warning shot to Russian authorities.
State police sources have previously raised concerns about the sophistication of Russian hackers, some of whom have been accused of election interference in the UK and the United States.
Hackers have now used that capability to act as a criminal enterprise, raising concerns about whether Australia should continue to share intelligence with Russia through Interpol.
Commissioner Kershaw said: “We believe those responsible for the breach are in Russia. These cyber criminals are operating like a business with affiliates and associates who are supporting the business.”
Prime Minister Anthony Albanese authorised the AFP to make the disclosure.
It comes as Australia continues to support Ukraine in its battle against the Russian invasion that began in February.
“We know who is responsible and we say that they should be held to account,” Mr Albanese said.
The group, posting on a dark web blog linked to the REvil Russian ransomware group, had claimed they sought $US10m ($A15.1m) from Medibank.
The hackers have already released personal details of more than 300 Medibank customers, including medical records of pregnant women.
Records of people battling alcohol issues were also posted on the dark web.
“You telling that is disgusting (woof-woof), that we published some data. But we warned you, we always keep our word,” the hackers wrote.
“If we wouldn‘t receive a ransom – we should post this data, because nobody will believe us in the future. Same about our words, regarding we wouldn’t post any data in the future, if we receive a ransom payments.”
The Medibank hack has exposed the data of 9.7 million current and previous customers, with Australia’s tax system encouraging high rates of private cover.
Medibank chief executive David Koczkar warned he expected the group to “continue to release stolen customer data each day”.
“The relentless nature of this tactic being used by the criminal is designed to cause distress and harm,” he said.
“These are real people behind this data and the misuse of their data is deplorable and may discourage them from seeking medical care.
“It’s obvious the criminal is enjoying the notoriety. Our single focus is the health and wellbeing and care of our customers.”
Medibank was contacting customers to provide support for mental health, identity protection, and financial hardship measures.