Australia has imposed sanctions on two Russian cybercrime services and the two Russian individuals who run them. Photo: File.
The Federal Government has imposed sanctions on two Russian business entities and two individuals, saying they are providing cybercrime services against Australia.
Media Land LLC and ML. Cloud LLC, along with two of its key personnel – Aleksandr Alexandrovich Volosovik and Kirill Andreevich Zatolokin – are accused of providing ransomware infrastructure to malicious cyber actors and cybercriminals, enabling them to conduct cyberattacks in Australia and around the world.
Australia has taken this action in partnership with the United Kingdom and the United States.
The sanctions make it a criminal offence to provide assets to either Media Land entity or the two sanctioned individuals, or to use or deal with their assets.
The sanctions also ban the individuals from entering Australia.
Media Land has helped enable criminals to conduct attacks against Australian financial institutions, Australian businesses, their customers and critical international infrastructure.
This is the fifth time the Federal Government has activated Australia’s autonomous cyber sanctions framework.
Deputy Prime Minister Richard Marles said the move was part of a coordinated action against cybercrime.
“The Australian Government is taking strong steps to strike back against malicious cyber activity,” he said.
“These actions are about defending our national security and ensuring Australians can live and work safely in a digital world. This latest cyber sanction builds on previous actions and demonstrates our relentless pursuit of those who seek to harm Australians.
“These sanctions don’t just impose costs on criminals, they dismantle the infrastructure that enables cybercrime. By disrupting these networks, we make it harder for others to launch attacks and it strengthens Australia’s resilience against future threats.”
The sanctions are the result of collaboration between the Australian Federal Police, the Australian Signals Directorate and international partners.
The sanctioned companies provide a service known as “bulletproof hosting”, in which cyber criminals pay to use the companies’ digital infrastructure to commit sophisticated cybercrimes such as ransomware attacks, malware infections, and scams.
They deliberately ignore requests from international law enforcement and governments to take down websites that engage in illegal activity on their platforms.
Cyber attacks include denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks against critical infrastructure, resulting in service disruptions and degradations, data exfiltration, system encryption, and victim extortion.
AFP Cyber Command Assistant Commissioner Richard Chin said the darknet services and the two Russian men helped international cybercriminals attack Australians and steal from innocent victims.
“They provided cybercriminals with a perceived layer of protection by refusing to take down websites with illegal content that had been flagged by international law enforcement agencies and governments,” Mr Chin said.
“The name suggests they are ‘bulletproof’, but our message to cybercriminals is clear – just because you operate on the dark web, it does not mean you are beyond law enforcement and our partners. We can see your criminal activity, and we will find you.”
Australia’s Ambassador for Cyber Affairs and Critical Technology, Jess Hunter, said the government was determined to hold malicious cyber actors to account.
“Cyber sanctions work to deter cybercrime and help protect Australians by exposing the activities and identity of malicious cybercriminals operating across jurisdictions, placing them at further risk of detection wherever they may hide,” Ms Hunter said.
Australians continue to be targeted by malicious cyber actors and lose billions to cyber scams each year.
Cyber sanctions are a key tool for imposing costs on cyber actors and protecting Australians from this threat.
The maximum penalty for anyone breaching sanctions is 10 years’ imprisonment and/or significant fines.
Cyber Security Minister Tony Burke said the government is consistently working to deter and respond to malicious cyber activity.
“We will continue to do everything we can to break down the networks and alienate the individuals who are driving cyber attacks against Australia and Australian interests,” he said.
“This is one of the fastest growing threats our country faces and our government will ensure we are ready to face it.”
Australians should report cybercrimes, incidents or vulnerabilities to the Australian Signals Directorate at 1300 CYBER1 (1300 292 371).
The government urges Australian businesses to help protect themselves from ransomware and phishing attacks by updating devices, regularly backing up files, and ensuring staff know never to visit suspicious websites, open emails from unknown sources, or click on suspicious links.
