The Australian Federal Police (AFP) has identified a group of “loosely affiliated” cyber criminals based in Russia as those behind the cyber attack on health insurer Medibank.
AFP Commissioner Reece Kershaw said the agency has been able to find the identities of the hackers but didn’t name them.
“These cyber criminals are operating like a business with affiliates and associates who are supporting the business,” he said on Friday.
“We also believe that some affiliates may be in other countries.
“It is important to know that Russia benefits from the intelligence sharing and data share through Interpol, and with that comes responsibilities and accountability.”
The AFP is responsible for the Australian Interpol National Central Bureau, which has direct contact with National Central Bureau Moscow and the International Criminal Police Organisation (Interpol).
AFP to Target Individuals Using Medibank Data
Meanwhile, investigators are also scouring the internet and dark web, targeting people who are accessing the information and trying to profit from it.“This is a time for all Australians, the community, business and law enforcement to stand together and refuse to give these criminals the notoriety they seek,” Kershaw said.
“Cybercrime is the break and enter of the 21st century, and personal information is being used as currency.”
Kershaw reiterated government policy did not condone paying a ransom because any ransom payment, small or large, “feeds a cybercrime business model”.
Prime Minister Anthony Albanese earlier on Friday said that Moscow should be held accountable for the criminal act.
“The fact is that the nation where these attacks are coming from should also be held accountable for the disgusting attacks and the release of information, including very private and personal information.”
“Society asks us about ransom; it’s a 10 million [sic] USD. We can a=make discount 9.7m 1$=1 customer.”
“Medibank [sic] CEO stated that ransom amount is ‘irrelevant.’ We want to inform the customer that He refuses to pay for yours [sic] data more, like 1 USD per person. So, probably customers data and extra efforts don’t cost that.”
The data release came after Medibank announced it would not give in to a cyber hackers ransom demands after at least 9.7 million of its customers had data, including full names, birth dates, phone numbers, medicare numbers, and addresses, accessed in a cyberattack in October.
“In fact, paying could have the opposite effect and encourage the criminal to directly extort our customers, and there is a strong chance that paying puts more people in harm’s way by making Australia a bigger target.”
“It is for these reasons we have decided we will not pay a ransom for this event,” he said.
The company said the decision was also consistent with the advice from the Australian government.
Customers are also warned that the data accessed could be published online or used to contact customers directly.
