Russian embassy hits back over claims ransomware group behind Medibank hack
The Russian Embassy has issued a tense statement over Australian claims that the hackers behind the major cyber attack are from their country.
The Russian Embassy in Australia has issued a curt statment after the Australian Federal Police said they believe the culprits behind the Medibank cyber attack were from the country.
AFP Commissioner Reece Kershaw announced that the intelligence around the incident pointed to a group of cyber criminal based in Russia.
“We believe those responsible for the breach are in Russia,” Commissioner Kershaw said.
“These cyber criminals are operating like a business with affiliate and associates who are supporting the business.”
The Russian Embassy released a statement saying that the AFP had not contacted them in regards to the claims.
“For some reason, this announcement was made before the AFP even contacted the Russian side through the existing professional channels of communication,” the statement read.
“We encourage the AFP to duly get in touch with the respective Russian law enforcement agencies.
The Russian government is likely to know about the ransomware group behind the Medibank breach and may even know about the hack itself, an Australian cyber security expert has said.
The Australian Federal Police revealed on Friday they had identified cyber criminals in Russia as the perpetrators of the Medibank hack that compromised the personal information of 9.7 million customers.
AFP Commissioner Reece Kershaw said Australian authorities knew the identities of the individuals involved and called on law enforcement in Moscow to co-operate with the investigation.
Australian Strategic Policy Institute director Fergus Hanson said he wouldn’t be surprised if the Russian government “knew all about this group and potentially even about this operation”.
“It looks like it’s motivated by financial gain and that is what the (AFP) Commissioner has pointed to,” he told ABC news.
“So it sounds like a group operating as a business. The links to the state are yet to be talked about by officials.”
Mr Hanson said cyber criminal groups operated in many countries either on behalf of the state or with the “tacit support” of the government.
“Almost certainly these groups inside Russia are known to the Russian government and tolerated if not supported,” he said.
Mr Hanson said the chances of Moscow handing over the cyber criminals to Australian authorities to face the legal system were “almost zero”.
Labor frontbencher Tanya Plibersek condemned the hackers as “disgusting” and “revolting” human beings.
“We want to do anything in this government’s power, both to catch those responsible, to hold them to account, but also to work with companies that hold such vast amounts of people’s data to make sure that they are doing it safely,” Ms Plibersek told ABC News.
The group behind the cyber attack has this week posted three tranches of Medibank customers’ private health information on the dark web.
The data in the file posted on Friday is understood to include information about mental health and alcohol issues and follows the release of sensitive information on pregnancy terminations on Thursday.
The people claiming to responsible — posting on a dark web blog linked to the REvil Russian ransomware group — had said they sought $US10m ($A15.1m) from Medibank to prevent the data leak.
Medibank chief executive David Koczkar said he expected the group to continue to release stolen customer data each day.
“The relentless nature of this tactic being used by the criminal is designed to cause distress and harm,” he said in a statement on Friday morning.
“These are real people behind this data and the misuse of their data is deplorable and may discourage them from seeking medical care.
Medibank has refused to pay a ransom, a move which the federal government has supported.
Opposition cyber security spokesman James Paterson has called on the government to consider imposing sanctions under the Magnitsky legislation on those responsible for the hack.
“While Australia has yet to use Magnitsky sanctions against perpetrators of serious cyber attacks, this would be a prime candidate,” Senator Paterson said.
The legislation enables the imposition of targeted financial sanctions and travel bans on individuals in response to serious human rights violations and abuses, serious corruption and significant cyber incidents.
Senator Paterson welcomed the AFP’s decision to publicly disclose that the hackers were operating from Russia.
“The threat of having their identities revealed is a powerful deterrent for malicious online behaviour,” he said.
Ministers downplay Coalition poll breakthrough
Since 2001, when Newspoll began calculating two-party-preferred results for all polls, every government has fallen behind the opposition on that measure at some point during the parliamentary term.
Free lunch with side of federal funding
The Miles government has defended its $1.4bn free lunch policy while demanding Canberra comes up with more state school funding.