- The Hon Richard Marles MP, Deputy Prime Minister, Minister for Defence
- The Hon Tony Burke MP, Minister for ³Ô¹ÏÍøÕ¾ Affairs, Minister for Cyber Security
The Albanese Government has imposed additional cyber sanctions in response to the 2022 cyberattack against Medibank Private.
The attack affected millions of Medibank’s customers whose personal and sensitive medical information was stolen. Some records were published on the dark web.
This is the first time that Australia has imposed cyber sanctions on an entity and the first time Australia has imposed sanctions on those providing the network infrastructure and services that make cyberattacks like this possible.
The Government is imposing these cyber sanctions on the Russian entity, ZServers, and five Russian cybercriminals who provided the network infrastructure and services used to host and release the data stolen from Medibank. The individuals are ZServers’ owner, Aleksandr Bolshakov, and employees Aleksandr Mishin, Ilya Sidorov, Dmitriy Bolshakov and Igor Odintsov.
ZServers and the five sanctioned individuals also provided enabling services that supported a range of other cybercrimes, including ransomware activities conducted by affiliates of LockBit and BianLian and other ransomware groups.
The sanctions announced today make it a criminal offence to provide assets to ZServers or the five sanctioned individuals, or to use or deal with their assets, with penalties of up to 10 years’ imprisonment and/or heavy fines. The sanctions also ban the individuals from entering Australia.
Today’s sanctions follow the Government’s decisive action to sanction Aleksandr Ermakov, announced in January 2024, for his role in the Medibank Private data breach.
They are a result of the close collaboration between the Australian Signals Directorate (ASD), other Commonwealth agencies and key international partners, including the United Kingdom (UK) and the United States (US), who have all worked tirelessly to unmask these cybercriminals.
The UK and the US have also imposed sanctions on these malicious cyber actors, demonstrating our collective resolve to combat cybercrime.
These sanctions reflect the Albanese Government’s commitment in the 2023-2030 Australian Cyber Security Strategy to deter and respond to malicious cyber activity, including by using sanctions to hold cybercriminals to account.
Malicious cyber actors continue to target Australian governments, critical infrastructure, businesses and individuals. Australia’s autonomous cyber sanctions framework is a key tool in imposing costs on cyber actors and protecting Australians from this threat.
Australians should report cybercrimes, incidents or vulnerabilities to the Australian Signals Directorate at 1300 CYBER1 (1300 292 371) or https://www.cyber.gov.au/report.
