Australia has imposed targeted financial sanctions and travel bans on three Russian citizens for their involvement in the Evil Corp cybercrime group.
Evil Corp is one of the most prolific and longest running cybercrime groups in the world.
For more than a decade, Evil Corp has been responsible for significant cyber incidents, including ransomware attacks across Europe, the United Kingdom and the United States, resulting in millions of dollars of losses and disruptions to critical health systems, national infrastructure and government sectors.
Maksim Viktorovich Yakubets, Igor Olegovich Turashev and Aleksandr Viktorovich Ryzhenkov hold senior roles in Evil Corp. The sanctions announced today make it a criminal offence to provide assets to these individuals, or to use or deal with their assets. The sanctions also ban them from entering Australia.
Today's sanctions are part of a coordinated effort with the United Kingdom and the United States to deter and respond to malicious cyber activity. This is the third use of Australia's autonomous cyber sanctions framework, and part of ongoing coordinated international law enforcement against cybercrime.
Australia continues to experience an increase in persistent and pervasive ransomware activity by cyber criminals across several sectors. These include critical infrastructure, governments, industry and the Australian community.
The intent of the cyber sanctions framework is to disrupt and frustrate the perpetrators of malicious cyber activity, such as ransomware, and keep Australians safe.
The Government will continue to assist Australians who find themselves victims of ransomware attacks.
The Australian Government's longstanding policy is to discourage businesses and individuals from paying ransoms or extortion claims to cyber criminals.
If you are asked to pay a ransom you should notify the Australian Signals Directorate by either: calling the Australian Cyber Security Hotline on 1300 CYBER1 (1300 292 371); or making a report at https://www.cyber.gov.au/report.
Australian businesses can help protect themselves from ransomware by backing up their files and work; and ensuring their staff know to never visit suspicious websites, open emails from unknown sources or click on suspicious links.