Key Points
- A new policing model has been set up to target the criminals behind the data breaches at Medicare and Optus.
- Cyber Security Minister Clare O'Neil says authorities are doing all they can to "hunt down the scumbags".
- The Russian embassy says it should have been contacted before the AFP said Russian criminals are the culprits.
The Australian government is going to "hunt down the scumbags" responsible for the that compromised the private information of nearly 10 million customers, cyber security minister Clare O'Neil said.
On Friday, the Australian Federal Police (AFP) announced that .
The Russian embassy in Australia said it was disappointed that the AFP had identified Russia-based criminals as the culprits without contacting Russian officials before the public announcement.
"We encourage the AFP to duly get in touch with the respective Russian law enforcement agencies," the consulate said in a statement on Friday evening.
"Fighting cybercrime that adversely affects people’s lives and damages businesses demands a cooperative, non-politicized and responsible approach from all members of the world community."
On Saturday, Ms O'Neil announced the establishment of a new policing model, involving the AFP and Australian Signals Directorate (ASD), created to deal specifically with the criminals behind the and Medicare data breaches.
"Around 100 officers around these two organisations will be a part of this joint standing operation, and many of these officers will be physically co-located from the Australian Signals Directorate," she said.
Ms O'Neil said the officers will "show up to work every day" with the "goal of bringing down these gangs and thugs".
"This is the formalisation of a partnership - a standing body within the Australian government which will day in, day out, hunt down the scumbags who are responsible for these malicious crimes against innocent people," she said.
"The smartest and toughest people in our country are going to hack the hackers."
New policing model will be permanent
Attorney-General Mark Dreyfus described the situation as "incredibly distressing".
"The government acknowledges this, and we are doing all that we can to limit the impact of this awful criminal act, and provide support to people who are going through this distressing time," he said.
Mr Drefyus said the new AFP-ASD partnership targeting cyber criminals would be a permanent and formalised arrangement.
"The AFP is working day and night on this problem. It's working with international partner agencies... including the FBI," he explained.
AFP Commissioner Reece Kershaw on Friday said officers were also working with Interpol to track down the criminals.
"We know who you are," he said. "The AFP has some significant runs on the scoreboard when it comes to bringing overseas offenders back to Australia to face the justice system."
Australia's diplomatic relations with Russia under review
Mr Dreyfus said diplomatic channels with Russia would be open regarding extradition, but maintained that will not slow down the work of national security agencies.
He called on Russia to do "all that it can do to ensure people who are within its borders are not engaging in this kind of criminal activity".
"The [Australian] government is looking hard at Russia's diplomatic profile in Australia and all options remain under consideration," Mr Dreyfus said.
"Our preference is to maintain diplomatic channels, but diplomatic profiles must always be consistent with our national interest."
Opposition cyber security spokesman James Paterson said the disclosure opened up the possibility of sanctions under Australia's Magnitsky regime.
The regime, passed with bipartisan support in December 2021, enables the imposition of targeted financial sanctions and travel bans in response to serious corruption and significant cyber incidents.
Prime Minister Anthony Albanese earlier told reporters he was "disgusted by the perpetrators of this criminal act", and he authorised the AFP boss to disclose the information.
The hackers have , including data on abortions and alcohol issues.
It follows Medibank's refusal to pay a ransom for the data, with almost 500,000 health claims stolen, along with personal information.
Medibank said affected customers should access its resources page on mental health and other support services.
