The governments of Australia, the U.K., and the U.S. have imposed financial sanctions on a Russian national, Alexander Ermakov, for his alleged involvement in a ransomware attack against health insurance provider Medibank in 2022. Ermakov has been tied to the breach of the Medibank network and the theft and release of Personally Identifiable Information (PII) belonging to the company. The ransomware attack led to the unauthorized access of approximately 9.7 million customers’ information, including sensitive medical records, some of which were leaked on the dark web.
The trilateral action imposes criminal penalties on providing assets to Ermakov or using or dealing with his assets, including through cryptocurrency wallets or ransomware payments. The offense is punishable by up to 10 years’ imprisonment, and the Australian government has also imposed a travel ban on Ermakov. The U.K. government stated that this penalty is part of their efforts to counter malicious cybercriminal activity emanating from Russia.
The U.S. Department of the Treasury criticized Russia for providing a safe haven to malicious cyber actors and enabling ransomware attacks. It called on Russia to take concrete steps to prevent cyber criminals from operating freely in its jurisdiction. The Treasury Department emphasized that Russian cyber actors continue to wage disruptive ransomware attacks against the United States and allied countries, targeting businesses and critical infrastructure to steal sensitive data. This action by the U.S. demonstrates its commitment to disrupting ransomware actors who victimize the backbone of economies and critical infrastructure.
Overall, the governments of Australia, the U.K., and the U.S. have imposed financial sanctions on a Russian national for his alleged involvement in a ransomware attack against Medibank. They aim to counter malicious cybercriminal activity, hold individuals accountable, and disrupt ransomware actors who pose a threat to businesses and critical infrastructure.
Source link