The United States and Britain on January 23 followed Australia in imposing sanctions on Russian citizen Aleksandr Yermakov, who was designated for his alleged role in a cyberattack that compromised the personal information of 9.7 million Australians.
The U.S. Treasury Department announced its sanctions against Yermakov after Australian authorities said their investigation tied him to the breach of Australian private health insurer Medibank in October 2022.
The department said in a statement that the United States and Britain imposed sanctions on Yermakov because of the risk he poses. The U.S. action freezes any assets he holds in U.S. jurisdiction and generally bars Americans from dealing with him.
“Russian cyber actors continue to wage disruptive ransomware attacks against the United States and allied countries, targeting our businesses, including critical infrastructure, to steal sensitive data,” said Brian Nelson, U.S. undersecretary for terrorism and financial intelligence.
"Today’s trilateral action with Australia and the United Kingdom, the first such coordinated action, underscores our collective resolve to hold these criminals to account," he added in a statement.
Yermakov, 33, who used the online aliases blade_runner, GustaveDore, and JimJones, resides in Moscow, according to the U.S. Treasury Department.
The Australian government imposed its power to sanction an individual for cybercrime for the first time, applying the law against Yermakov after Australian Federal Police and intelligence agencies linked the Russian citizen to the Medibank cyberattack.
"This is the first time an Australian government has identified a cybercriminal and imposed cybersanctions of this kind and it won't be the last," Home Affairs Minister Clare O'Neil told reporters.
The cyberattack on Medibank, Australia’s largest health insurer, involved sensitive medical records that were released on the dark web after the company refused to pay a ransom.
O’Neil said it was “the single most devastating cyberattack we have experienced as a nation."
The leaks targeted records related to drug abuse, sexually transmitted infections, and abortions.
"We all went through it, literally millions of people having personal data about themselves, their family members, taken from them and cruelly placed online for others to see," O’Neil said, calling the hackers “cowards” and “scum bags."
The Australian sanctions impose a travel ban and strict financial sanctions that make it a criminal offense punishable by up to 10 years imprisonment for anyone found guilty of providing assets to Yermakov or using his assets, Foreign Minister Penny Wong said.
Australian Deputy Prime Minister Richard Marles said the sanctions are part of Australia’s efforts to expose cybercriminals and debilitate groups engaging in cyberattacks.
“In our current strategic circumstances we continue to see governments, critical infrastructure, businesses, and households in Australia targeted by malicious cyberactors," Marles said in a statement.