These cyber criminals are operating like a business with affiliates and associates
The Australian Federal Police, working with Interpol has named Russia as the culprit for recent data breach at Medibank.
I know Australians are angry, distressed and seeking answers about the highly sensitive and deeply personal information that is being released by criminals who breached Medibank Private’s database.
This is a crime that has the potential to impact on millions of Australians and damage a significant Australian business.
This cyber-attack is an unacceptable attack on Australia, and it deserves a response that matches the malicious and far-reaching consequences that this crime is causing.
The AFP is undertaking covert measures and working around the clock with our domestic agencies and our international networks, including INTERPOL.
This is important because we believe that those responsible for the breach are in Russia.
Our intelligence points to a group of loosely affiliated cyber criminals, who are likely responsible for past significant breaches in countries across the world.
These cyber criminals are operating like a business with affiliates and associates, who are supporting the business.
We also believe some affiliates may be in other countries.
Everyone involved in this attack is a focus of the ongoing investigation through the AFP-led Operation Pallidus.
We believe we know which individuals are responsible, but I will not be naming them.
What I will say is that we will be holding talks with Russian law enforcement about these individuals.
The AFP is responsible for the Australian INTERPOL National Central Bureau, which has direct contact with National Central Bureau Moscow.
INTERPOL National Central Bureaus cooperate on cross-border investigations, operations, and arrests.
To take investigations beyond national borders, they can seek cooperation from any other National Central Bureau.
It is important to note that Russia benefits from the intelligence-sharing and data shared through INTERPOL, and with that comes responsibilities and accountability.
I have several messages today.
To the Australian public: The AFP and our partners are not going to give up in bringing those responsible to justice.
Investigators under Operation Guardian are also scouring the internet and dark web to identify people who are accessing this personal information and trying to profit from it.
To the criminals: We know who you are, and moreover, the AFP has some significant runs on the scoreboard when it comes to bringing overseas offenders back to Australia to face the justice system.
To the media and social media: I know you will do the right thing and continue to assist us in protecting the community by not aiding these criminals by posting or publishing this sensitive information.
This is a time for all Australians – the community, business, and law enforcement – to stand together and refuse to give these criminals the notoriety they seek.
Can I make a plea to business: Ensure your systems are protected.
Cybercrime is the break and enter of the 21st Century and personal information is being used as currency.
Finally, I want to reiterate that Australian Government policy does not condone paying ransoms to cyber criminals.
Any ransom payment, small or large, fuels the cybercrime business model, putting other Australians at risk.