Today Australia has imposed targeted financial and travel sanctions on a cyber infrastructure entity – ZServers – and five of its Russian employees for their roles in providing infrastructure to host and disseminate data stolen from Medibank Private in 2022.
This is the first cyber sanction against a business and the first sanction for the provision of services or infrastructure used to engage in cybercrime. The sanctions are the result of close collaboration between ASD, other Commonwealth agencies and key international partners to identify and disrupt cybercriminals who prey on Australia and Australians.
Malicious cyber actors continue to target Australian governments, critical infrastructure business and individuals. Australia’s autonomous cyber sanctions framework is a key tool in imposing costs on cyber actors and protecting Australians from this threat.
ASD discourages businesses and individuals from paying ransoms or extortion claims to cybercriminals. If you experience a cybercrime, report it to ASD immediately by calling 1300 CYBER1 (1300 292 371) or at https://www.cyber.gov.au/report.
Australian businesses can help protect themselves from ransomware by updating devices, regularly backing up files and ensure staff know to never visit suspicious websites, open emails from unknown sources or click on suspicious links.
For more information on this announcement, read the joint media release from the Hon Richard Marles MP, Deputy Prime Minister and Minister for Defence; Senator the Hon Penny Wong, Leader of the Government in the Senate and Minister for Foreign Affairs; and the Hon Tony Burke MP, Minister for Home Affairs and Cyber Security.