Security News

The Australian, US, and UK governments have announced sanctions for Aleksandr Gennadievich Ermakov, a Russian national considered responsible for the 2022 Medibank hack and a member of the REvil ransomware group. Medibank is a large health insurance provider in Australia that suffered a ransomware attack in October 2022, causing operational and business disruption.

The Australian government has announced sanctions for Aleksandr Gennadievich Ermakov, a Russian national considered responsible for the 2022 Medibank hack and a member of the REvil ransomware group. Following a lengthy investigation, the Australian authorities identified Ermakov as the person responsible for the Medibank hack and data theft.

Australia's government has used the "Significant cyber incidents" sanctions regime it introduced in 2021 for the first time, against a Russian named Aleksandr Gennadievich Ermakov whom authorities have deemed responsible for the 2022 attack on health insurer Medibank Private. On Tuesday the government went a step further, naming Aleksandr Ermakov as linked to the incident, adding that Australia's Federal Police and sigint agency the Australian Signals Directorate "Continue to pursue other leads."

IT pros in Australia should be looking forward to a big year in 2024, as ongoing transformation continues to redefine their roles within their companies. Coupled with an ongoing skills shortage, those pros who spend the effort to develop their skillsets according to current trends will do well, regardless of the broader economic conditions.

The Australian government announced the 2023-2030 Australian Cyber Security Strategy, which aims to "Help realise the Australian Government's vision of becoming a world leader in cyber security." Overall, the strategy is designed to bring the public and private sectors together in delivering a cohesive vision. More Australia coverage Lack of bipartisan agreement means a lack of clear cyber security strategy.

Cybercrime actor DragonForce which claimed responsibility for the attack has also leaked 95 GB of data that it states, belongs to the company. In a statement to BleepingComputer, Yakult Australia confirmed it was investigating a cyber incident that occurred in mid-December.

Today, the Akira ransomware gang claimed that it breached the network of Nissan Australia, the Australian division of Japanese car maker Nissan.The attackers have threatened to leak sensitive business and client data online, as ransom negotiations with Nissan failed after the company either refused to engage or pay the ransom.

Third-party supply chain risk is a key concern from Australian cyber security professionals. ASIC reveals third-party supply chain risk as key gap in Australia.

The year 2023 was a big year for cyber security professionals in Australia. Experts from Rapid7 have argued that Australia can expect both advantages and risks from AI cyber tools in 2024.

Australia is about to get a national online ID system - the Digital ID - which promises to improve the security and privacy of data online. The Digital ID is the cumulation of a five-year, AUD $200 million investment as an effort to alleviate security concerns over the amount of data Australians give to companies to prove who they are online.