FedEx Establishes Direct Presence in Nigeria to Support Customers with International TradeRead more Open Society Foundations (OSF) Award $1.1 Million Grant to Afrobarometer to Spur Future GrowthRead more The annual Global Impact Conference 2022 brings together visionary business leaders to revolutionize educational systems and inspire collaborative actionRead more APO Group announces content partnership with Pan-African broadcaster VoxAfricaRead more MainOne, an Equinix Company’s MDXi Appolonia Achieves Tier III Constructed Facility certification (TCCF), Now Most Certified Data Center in GhanaRead more United Nations High Commissioner for Refugees (UNHCR) warns rising tide of hunger, insecurity, and underfunding worsening gender-based violence risksRead more The Royal Thai Embassy presents the cultures of Thailand at the Association of Southeast Asian Nations (ASEAN) Festival in KenyaRead more Climate change is the biggest global threat, young people in Africa and Europe tell European Investment Bank (EIB), Debating Africa and Debating EuropeRead more $2 million in prizes awarded at Conference of the Parties (COP27) to African youth-led businessesRead more Africa and Europe’s top business and public sector leaders gather to chart Africa’s economic rebirthRead more

Australia blames Russian hackers for medical data theft

show caption
Hackers are demanding US$10 million to stop leaking sensitive records they stole from Medibank, Australia's largest private health insurer./AFP
Print Friendly and PDF

Nov 11, 2022 - 01:00 PM

SYDNEY, AUSTRALIA — Russian hackers carried out a cyberattack on a major Australian healthcare company that breached the data of 9.7 million people, including the country’s prime minister, police said Friday.

The hackers started leaking the data this week after Medibank, the country’s largest health insurer, refused to pay a $9.7 million (Aus$15 million) ransom.

Australian Federal Police commissioner Reece Kershaw blamed the attack on Russia-based “cyber criminals”.

“We believe those responsible for the breach are in Russia,” he told reporters.

“Our intelligence points to a group of loosely affiliated cyber criminals who are likely responsible for past significant breaches across the world.”

The hackers have been drip-feeding the stolen data to a dark web forum.

The first leaks appeared to have been selected to cause maximum harm: targeting those who received treatment related to drug abuse, sexually transmitted infections, or pregnancy terminations.

Kershaw said the hackers also appeared to be supported by people living outside Russia.

“These cyber criminals are operating like a business with affiliates and associates who are supporting the business.

“We also believe that some affiliates may be in other countries.”

He added that Australian police would be working with Interpol and seeking the cooperation of their counterparts in Russia.

“We’ll be holding talks with Russian law enforcement about these individuals,” he said.

“Russia benefits from the intelligence sharing and data shared through Interpol and with that comes responsibilities and accountability.”

Retaliation threat 

Australia has repeatedly condemned Russia’s invasion of Ukraine and has provided Kyiv with hundreds of millions of dollars in aid and military equipment.

Australia’s foreign intelligence agency in April warned that backing Ukraine could open the country up to reprisals from Russian hackers.

“Russian-aligned cybercrime groups have threatened to conduct cyber operations in retaliation for perceived cyber offensives against the Russian government,” the Australian Signals Directorate said in an advisory note.

“Some groups have also threatened to conduct cyber operations against countries and organisations providing materiel support to Ukraine.”

Kershaw said police knew the identities of the hackers but he would not be naming them.

Cybersecurity analysts have suggested they could be linked to Russian hacker group REvil.

REvil — an amalgam of ransomware and evil — was reportedly dismantled by Russian authorities earlier this year, after extracting an $11 million ransom from JBS Foods, a major food conglomerate.

‘Rolled gold mongrels’ 

Australian National University cybersecurity expert Thomas Haines said tracking the hackers down was the easiest part for police.

“It’s unusual for hackers to cover their tracks so well that you don’t know where they came from,” he told AFP.

“But there are certain areas of the world where the ability to apply any pressure is effectively zero.”

Kershaw said Australian police were taking “covert measures” to bring the hackers to justice.

“To the criminals, you know we know who you are,” he said.

“The Australian Federal Police has some significant runs on the scoreboard when it comes to bringing overseas offenders back to Australia to face the justice system.”

Education Minister Jason Clare on Friday called the hackers “rolled gold mongrels”, while Home Affairs Minister Clare O’Neil has dubbed them “scummy criminals”.

O’Neil on Thursday said the “smartest and toughest” people in Australia were hunting down the hackers.

In a taunting reply posted to the dark web early Friday morning, the hackers said: “We always keep our word.”

“We should post this data, because nobody will believe us in the future.”

MAORANDCITIES.COM uses both Facebook and Disqus comment systems to make it easier for you to contribute. We encourage all readers to share their views on our articles and blog posts. All comments should be relevant to the topic. By posting, you agree to our Privacy Policy. We are committed to maintaining a lively but civil forum for discussion, so we ask you to avoid personal attacks, name-calling, foul language or other inappropriate behavior. Please keep your comments relevant and respectful. By leaving the ‘Post to Facebook’ box selected – when using Facebook comment system – your comment will be published to your Facebook profile in addition to the space below. If you encounter a comment that is abusive, click the “X” in the upper right corner of the Facebook comment box to report spam or abuse. You can also email us.