Get all your news in one place.
100’s of premium titles.
One app.
Start reading
ABC News
ABC News
National

The AFP believes Russian cyber criminals are behind the Medibank data hack. Here's what else we know

The Australian Federal Police (AFP) have revealed details about the suspects behind the Medibank data hack, but will be keeping some information out of the public eye. 

AFP Commissioner Reece Kershaw gave a short media statement on Friday afternoon, but did not take questions from journalists. 

Here's what we learnt from the briefing:

What do we know about the suspects?

ABC defence correspondent Andrew Greene said authorities suspect the perpetrators are members of the REvil group – a Russian-based cyber-criminal gang.

But Commissioner Kershaw gave few details about them at the press conference. 

"Our intelligence points to a group of loosely affiliated cyber criminals who are likely responsible for past significant breaches in countries across the world," he said. 

"These cyber criminals are operating like a business with affiliates and associates who are supporting the business.

"We also believe some affiliates may be in other countries."

Commissioner Kershaw said the AFP believed it knew the identities of these people, but wouldn't name them.

Why aren't they naming the suspects?

Commissioner Kershaw said he was limiting what he revealed to avoid putting the criminal investigation at risk. 

He also said the AFP refused to give the suspects "the notoriety they seek". 

What is the AFP doing about it?

"We'll be holding talks with Russian law enforcement about these individuals," Commissioner Kershaw said. 

They're also hunting down people trying to access the private customer information leaked by the hackers.  

"Investigators are, under Operation Guardian, also scouring the internet and the dark web to identify people who are accessing this personal information and trying to profit from it," Commissioner Kershaw said. 

What power does the AFP have to catch international criminals?

Commissioner Kershaw said the AFP had "some significant runs on the scoreboard" when it came to bringing people overseas to justice.

"The AFP is responsible for the Australian Interpol National Central Bureau, which has direct contact with National Central Bureau in Moscow," he said. 

"Interpol national central bureaus cooperate on cross-border investigations, operations and arrests.

"To take investigations beyond national borders, they can seek cooperation from any other national central bureau.

"Russia benefits from the intelligence sharing and data shared through Interpol and with that comes responsibilities and accountability."

Will Russia cooperate?

Andrew Greene said, while the suspects weren't considered part of the Russian state, REvil operated with the protection of President Vladimir Putin.

"Australia is unlikely to receive any cooperation from Russian authorities," he said. 

"Before Russia's invasion of Ukraine, western nations were already furious at Moscow for harbouring cybercriminals.

"Australia's strong support of Ukraine makes it certain that Russia will not want to cooperate."

Will the ransom be paid?

It doesn't sound like it. 

Medibank has declared it will not pay a ransom.

And Commissioner Kershaw said it was against government policy.

"The Australian government policy does not condone paying ransoms to cyber criminals," he said.

"Any ransom payment, small or large, fuels the cybercrime business model, putting other Australians at risk."

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.