Australian government forms permanent cyber task force as hackers release data stolen from country’s biggest medical insurer
The Australian government over the weekend formed a cybercrime task force and said it was considering further policy moves, such as making it illegal to pay ransoms to hackers, following a string of high-profile data thefts in the country.
Meanwhile hackers believed to be based in Russia released a further tranche of data stolen from Australian insurer Medibank, disclosing the identities of hundreds of people who filed claims for mental health-related issues.
“We always keep our word,” the hackers wrote, having earlier said they would continue releasing data until Medibank paid a ransom, which the company has refused to do.
The next release is scheduled for Friday, the group said.
On Saturday the Australian federal government announced a permanent joint standing operation of 100 members of the Australian Federal Police (AFP) and the Australian Signals Directorate to target hackers.
“They will show up to work every day with the goal of bringing down these gangs and thugs,” said home affairs minister Clare O’Neil.
On Sunday O’Neil said the government would look at making paying ransoms illegal as part of its cyber strategy.
‘Big policy questions’
She told the Australian Broadcasting Corporation (ABC) that there were “some really big policy questions that we’re going to need to think about and consult on, and we’re going to do that in the context of the cybersecurity strategy”.
The Medibank breach disclosed on 19 October is believed to have affected some 9.7 million past and present customers.
Other recent hacks have affected telco Optus, affecting 10 million customers, and Australian Department of Defence contractor ForceNet.
Responsibility for the Medibank hack was claimed by the REvil gang, which was the subject of mass arrests last autumn and in January of this year that forced the gang to suspend operations for a time, before it resumed its activities in mid-2022.