Australian Federal Police Commissioner Rhys Kershaw blamed the attack on “cybercriminals” based in Russia. “We believe that those responsible for the leaks are in Russia,” he said. “Our intelligence reveals a group of loosely connected cybercriminals who are likely responsible for serious previous security breaches around the world,” he added. After posting the first “sample” of the stolen data provided on Wednesday, the hackers posted a second on Thursday on a darknet forum that cannot be found using regular browsers.
They contained highly personal information about hundreds of people. The first data released appears to have been chosen to cause significant harm to people in treatment for drug addiction, sexually transmitted infections, or abortions. On Thursday, the hackers demanded a $10 million ransom. “We can give you a discount. […] 1 dollar = 1 client, ”specified on this forum. The insurer is refusing to pay.
Rhys Kershaw said the Australian police would look to their Russian counterparts for help. “We are going to discuss these people with Russian law enforcement,” he said. Rhys Kershaw explained that he knew the names of the hackers, but refused to disclose them. Cybersecurity analysts have speculated that some of the characteristics of the attack are linked to a group of Russian hackers called REvil.
“We Know Who You Are”
The REvil group was reportedly liquidated by Russian authorities earlier this year after receiving an $11 million ransom from JBS Foods. Rhys Kershaw said the Australian police are taking “covert action” to bring the hackers to justice. “We know who you are,” he told the criminals. “Australian Federal Police have scored a few points in the past when it comes to bringing foreign offenders back to Australia for justice,” he said.