Heloise Vyas reports:
The Australian government have cracked down on a Russian cybercriminal believed to behind a Medibank Private breach in 2022 which marked the “single most devastating attack” in the country’s history.
In a joint press conference with the Foreign Affairs Minister, Deputy Prime Minister, and Cyber Security Minister, the Commonwealth declared it would, for the first time ever, use an autonomous cyber sanctions framework against the suspected hacker for his role in the attack which saw the private information of more than four million Australians stolen with the total number of breached records amounting to 9.7 million.
Following an extensive 18-month investigation into the 2022 incident, Russian citizen Aleksandr Ermakov was linked to the attack and sanctioned on Tuesday.
Read more at Sky News.
Ermakov was allegedly a member of REvil, but the sanctions are only against him as an individual and are not imposed against the group. Sanctions against “REvil” at this point would be fairly meaningless as the group disbanded, but it would at least stop or discourage anyone from trying to resurrect the “REvil” brand or group. Ermakov was not one of the REvil members arrested in February 2022 when Russian authorities questioned and then arrested eight individuals at the request of the U.S. government. They were all released within months.