Australia has imposed targeted financial sanctions and travel bans on three Russian citizens for their involvement in the Evil Corp cybercrime group.
Evil Corp is one of the most prolific and longest running cybercrime groups in the world.
For more than a decade, Evil Corp has been responsible for significant cyber incidents, including ransomware attacks across Europe, the United Kingdom and the United States, resulting in millions of dollars of losses and disruptions to critical health systems, national infrastructure and government sectors.
Maksim Viktorovich Yakubets, Igor Olegovich Turashev and Aleksandr Viktorovich Ryzhenkov hold senior roles in Evil Corp. The sanctions announced today make it a criminal offence to provide assets to these individuals, or to use or deal with their assets. The sanctions also ban them from entering Australia.
Today's sanctions are part of a coordinated effort with the United Kingdom and the United States to deter and respond to malicious cyber activity. This is the third use of Australia's autonomous cyber sanctions framework, and part of ongoing coordinated international law enforcement against cybercrime.
Australia continues to experience an increase in persistent and pervasive ransomware activity by cyber criminals across several sectors. These include critical infrastructure, governments, industry and the Australian community.
The intent of the cyber sanctions framework is to disrupt and frustrate the perpetrators of malicious cyber activity, such as ransomware, and keep Australians safe.
The Government will continue to assist Australians who find themselves victims of ransomware attacks.
The Australian Government's longstanding policy is to discourage businesses and individuals from paying ransoms or extortion claims to cyber criminals.
If you are asked to pay a ransom you should notify the Australian Signals Directorate by either: calling the Australian Cyber Security Hotline on 1300 CYBER1 (1300 292 371); or making a report.
Australian businesses can help protect themselves from ransomware by backing up their files and work; and ensuring their staff know to never visit suspicious websites, open emails from unknown sources or click on suspicious links.
More information and tips can be found on the Australian Signals Directorate's Ransomware page.
Quotes attributable to Deputy Prime Minister and Minister for Defence, the Hon Richard Marles MP:
"Malicious cyber actors continue to target governments, critical infrastructure and households around the world. These types of sanctions are an important tool in deterring cybercrime and helping to protect Australians.
"These sanctions are only possible because of the efforts of our domestic and international partner agencies who work tirelessly to disrupt cybercriminals and protect Australians from ransomware.
"We encourage all Australians individuals and businesses to be vigilant about their cyber security arrangements to help make Australia a harder target against malicious cyber activity."
Quotes attributable to Minister for Foreign Affairs, Senator the Hon Penny Wong:
"The Albanese Government is the first Australian Government to use autonomous cyber sanctions powers to protect Australians and to deter cybercrime.
"We are using all elements of our national power to make Australia more secure and to keep Australians safe.
"Australia remains committed to promoting a rules-based cyberspace, grounded in international law and the norms of responsible state behaviour in cyberspace.".
Quotes attributable to Minister for Cyber Security, the Hon Tony Burke MP:
"We have been very clear – under our government Australia is hardening its defences and ensuring there are consequences for people who target our citizens and businesses.
"These sanctions are another example of our commitment to working with our international partners to shut down the criminal organisations that have built a business model on ransomware."