The government of Prime Minister Anthony Albanese has imposed additional cyber sanctions in response to a major 2022 cyberattack that hit Medibank Private.
The breach, which compromised millions of customers’ sensitive medical data, marked a turning point in Australia’s approach to cyber security. The Medibank Private cyberattack not only targeted the personal information of Medibank’s customers but also saw portions of the stolen data published on the dark web.
The 2022 cyberattack was one of Australia’s largest and most damaging cyber incidents, affecting thousands of individuals who found their personal and health information exposed. The Medibank Private attack was part of a growing trend of cybercriminal activities targeting Australian businesses, government systems, and critical infrastructure. In response, the Australian Government has taken a firm stand by introducing unprecedented cyber sanctions, marking the first time Australia has sanctioned an entity involved in facilitating cyberattacks.
The Medibank Private Cyberattack and New Sanctions
The new sanctions specifically target ZServers, a Russian-based network infrastructure provider that played a crucial role in the cyberattack. ZServers, along with five associated Russian cybercriminals, were identified as the perpetrators behind the infrastructure enabling the Medibank Private data breach.
These individuals are: ZServers owner Aleksandr Bolshakov, and employees Aleksandr Mishin, Ilya Sidorov, Dmitriy Bolshakov, and Igor Odintsov. The Albanese Government says these actors not only facilitated the Medibank cyberattack but also provided services that supported a range of other malicious cyber activities, including ransomware operations associated with notorious cybercriminal groups like LockBit and BianLian.
The sanctions, which have broad implications, make it a criminal offense for individuals or entities to engage with ZServers or its affiliated individuals. Australian law now imposes severe penalties, including imprisonment for up to 10 years and heavy fines, for those found guilty of providing assets or conducting any dealings with these sanctioned entities. Additionally, the sanctions prevent these cybercriminals from entering Australia, further reinforcing the country’s commitment to securing its digital borders.
Past Sanctions in Australia
This latest round of sanctions follows a similar move earlier in 2024 when Aleksandr Ermakov was sanctioned for his alleged involvement in the Medibank cyberattack. The Albanese Government’s response shows its resolve to deter cybercriminal activity and protect Australians from the devastating impacts of cybercrime.
The implementation of the cyber sanctions is the result of extensive collaboration between various Australian agencies, including the Australian Signals Directorate (ASD), as well as international partners like the United States and the United Kingdom. This united front highlights the importance of global cooperation in the fight against cybercrime, with all parties working to identify, disrupt, and hold accountable the actors responsible for the Medibank Private cyberattack and other malicious online activities.
Furthermore, these sanctions are a key component of Australia’s broader strategy to strengthen its cyber defenses. The Albanese Government’s 2023-2030 Australian Cyber Security Strategy outlines the nation’s commitment to deterring cyber threats and holding cybercriminals accountable. By using sanctions as a tool, the government is ensuring that malicious cyber actors face serious consequences for their actions.