Tuesday , February 27 2024
A Medibank branch in Sydney

Medibank breach
Australia imposes sanctions on Russian hacker

Australia has imposed cyber sanctions on a Russian hacker for his alleged role in a 2022 ransomware attack. This is the country’s first use of this penalty.

A cyberattack stole personal data from 9.7 million Medibank customers in Australia. The data includes names, birth dates, medical information, and Medicare numbers. Some of this information was posted on the dark web.

CISA Issues Alert on APT29’s Cloud Infiltration Tactics

CISA and the UK's NCSC released a joint advisory about new tactics of Russian Foreign Intelligence Service (SVR) cyber actors....
Read More
CISA Issues Alert on APT29’s Cloud Infiltration Tactics

Bangladesh to form ‘Cyber Police Unit’: PM Sheikh Hasina

The Prime Minister of Bangladesh Sheikh Hasina has announced to form ‘Cyber Police Unit’, a separate unit to combat cyber...
Read More
Bangladesh to form ‘Cyber Police Unit’: PM Sheikh Hasina

Alert – Critical SQLi Vulnerability Threatens 200K+ Websites

A critical security vulnerability has been revealed in the widely used WordPress plugin called Ultimate Member, which is installed on...
Read More
Alert – Critical SQLi Vulnerability Threatens 200K+ Websites

Chainalysis Report
$100 million in crypto payments to Myanmar scam syndicate

Investigators found that two cryptocurrency addresses linked to a company in Myanmar received nearly $100 million in deposits in less...
Read More
Chainalysis Report  $100 million in crypto payments to Myanmar scam syndicate

Microsoft released PyRIT, A Tool For Generative AI Systems

Microsoft has released a new open automation framework called PyRIT (Python Risk Identification Toolkit). It helps security professionals and machine...
Read More
Microsoft released PyRIT, A Tool For Generative AI Systems

NCSA organized a seminar on ‘Safe Internet Usage’ in Rangpur

The National Cyber Security Agency  (NCSA) rganized a seminar on 'Safe Internet Usage' at Rangpur District Shilpakala Academy Auditorium. Over...
Read More
NCSA organized a seminar on ‘Safe Internet Usage’ in Rangpur

LockBit new .onion address
LockBit returns; new five victims disclosed

LockBit restarted their ransomware operation on a new infrastructure after law enforcement disrupted their servers. Now, they threat to target...
Read More
LockBit new .onion address  LockBit returns; new five victims disclosed

Cyberattack halts Malawi Immigration Dept. Passport Services

The government of Malawi has stopped giving out passports after a cyber-attack on the immigration service's computer network. President Chakwera...
Read More
Cyberattack halts Malawi Immigration Dept. Passport Services

LockBit Reestablishes Dark Web Leak Site: Report

The LockBit ransomware group reactivated a hidden website on the dark web. They posted a long message written by their...
Read More
LockBit Reestablishes Dark Web Leak Site: Report

0/1 click Facebook account takeover; Nepalis talent rewarded

eta ranked Nepal's cyber security researcher Samip Aryal first in the White Hack (Hall of Fame) for finding a vulnerability...
Read More
0/1 click Facebook account takeover; Nepalis talent rewarded

This is the first use of Australia’s autonomous cyber sanctions framework and is a result of Australian Government efforts over the past 18 months to investigate and respond to this cyber incident.

In a press release by Australian Defense ministry reads, In the attack, 9.7 million records were stolen. These records included names, dates of birth, Medicare numbers, and sensitive medical information. Some records were published on the dark web.

The Australian Signals Directorate and the Australian Federal Police, under Operation Aquila, together with other Commonwealth agencies and international partners, have worked tirelessly to link Russian citizen and cybercriminal Aleksandr Ermakov to the compromise of the Medibank Private network and continue to pursue other leads.

The Australian Government has imposed a targeted financial sanction and a travel ban on Aleksandr Ermakov. This sanction makes it a criminal offence, punishable by up to 10 years’ imprisonment and heavy fines, to provide assets to Aleksandr Ermakov, or to use or deal with his assets, including through cryptocurrency wallets or ransomware payments.

This announcement highlights the Albanese Government’s commitment in the 2023‑2030 Australian Cyber Security Strategy to deter and respond to malicious cyber activity, including through the use of sanctions.

“We encourage all Australians – including businesses – to be vigilant about their cyber security arrangements to help make Australia a harder target against increasing malicious cyber activity”.

The Australian Government discourages businesses and individuals from paying ransoms or extortion claims to cyber criminals. If you are asked to pay a ransom you should:

Call the Australian Cyber Security Hotline on 1300 CYBER1 (1300 292 371) for cyber security assistance; and
Report the cybercrime, incident or vulnerability to the Australian Signals Directorate at https://www.cyber.gov.au/report

Quotes attributable to the Deputy Prime Minister, the Hon Richard Marles MP:

“In our current strategic circumstances we continue to see governments, critical infrastructure, businesses and households in Australia targeted by malicious cyber actors.

“The Australian Signals Directorate and the Australian Federal Police have worked tirelessly over the past 18 months to unmask those responsible for the cyberattack on Medibank Private and to ensure Australians are protected from malicious cyber activity.

“We continue to work with our friends and partners around the world to ensure cyber criminals are held to account for their actions and we will relentlessly pursue activities which disrupt their capability to target Australians in the cyber space.”

Quotes attributable to the Minister for Foreign Affairs, the Hon Penny Wong:

“The use of these powers sends a clear message – there are costs and consequences for targeting Australia and Australians.

“The Albanese Government will continue to hold cybercriminals to account.

“This is an incredible effort from our cyber and intelligence teams. We are using all elements of our national power to make Australia more secure at home and to keep Australians safe.”

Quotes attributable to the Minister for Home Affairs and Minister for Cyber Security, the Hon Clare O’Neil MP:

“The Australian Government condemns malicious cyber activity, and we will work with our partners and do everything in our power to punish individuals who attempt to perpetrate cyber crime in this country.

“Through the 2023-2030 Australian Cyber Security Strategy, we are hardening our defences and putting layers of protection around Australians and Australian businesses. This includes working with industry to break the ransomware business model.

“Our strong advice to businesses is never pay the ransom. Paying a ransom does not guarantee sensitive data will be recovered, prevent it from being sold or leaked online or prevent further attacks. It also makes Australia a more attractive target for criminal groups.”

Check Also

4.0

TrendMicro Research
LockBit-NG-Dev, might consider a true 4.0 version

LockBit ransomware creators were working on a new version of their file-encrypting malware, called LockBit-NG-Dev, …

Leave a Reply

Your email address will not be published. Required fields are marked *