Australian Federal Police has identified cybercriminals in Russia as the perpetrators of a cyberattack on Medibank that exposed 9.7 million customers to fraud and theft from the use of their personal records.
AFP Commissioner Reece Kershaw said a loosely affiliated group of cyber criminals from Russia were to blame for the Medibank hack.Credit:Alex Ellinghausen
At a press conference this afternoon, AFP Commissioner Reece Kershaw said a group of cybercriminals in Russia were to blame.
“We believe those responsible for the breach are in Russia.”
“Our intelligence points to a group of loosely affiliated cybercriminals who are likely responsible for past significant breaches in countries across the world.
“These cybercriminals are operating like a business with affiliates and associates who are supporting the business.”
Kershaw said some of those affiliates could be in other countries and that the AFP was working with domestic agencies as well as international networks including Interpol in an ongoing investigation.
AFP is responsible for the Australian INTERPOL National Central Bureau which has direct contact with one in Moscow.
National Central Bureaus cooperate on cross-border investigations, operations and arrests.
“We’ll be holding talks with Russian law enforcement about these individuals. It is important to know that Russia benefits from the intelligence sharing and data shared through Interpol, and with that comes responsibilities and accountability,” Kershaw said.
The Australian decision to name the source country of the attack is a rare move, but Prime Minister Anthony Albanese said he authorised the release of the findings because the attacks needed to be condemned.
Kershaw said the AFP believed they knew which individuals were responsible, but would “not be naming them.”
Here’s what he had to say to Australians:
“I know Australians are angry, distressed and seeking answers about the highly sensitive and deeply personal information that has been released by criminals who breached Medibank’s private database.
The AFP and our partners are not going to give up in bringing those responsible to justice.
Investigators under Operation Guardian are also scouring the internet and dark web to identify people who are accessing this personal information and trying to profit from it.”
And to the criminals:
“We know who you are, and moreover, the AFP has some significant runs on the scoreboard when it comes to bringing overseas offenders back to Australia to face the justice system.”
Kershaw reiterated that Australian government policy did not condone paying ransoms to cyber criminals. “Any ransom payment, small or large, fuels the cybercrime business model, putting other Australians at risk,” he said.
