Australia, in partnership with the UK and the US, has announced new sanctions against Russian-based cybercrime service providers Media Land LLC and ML. Cloud LLC, as well as two of their senior personnel, Aleksandr Alexandrovich Volosovik and Kirill Andreevich Zatolokin. The sanctions are part of a coordinated response to cyber threats that have affected financial and insurance sectors in Australia and beyond.
The sanctioned organisations are accused of supplying infrastructure that supports ransomware and other cyberattacks, including those targeting Australian businesses, financial institutions, and critical infrastructure. According to Australian authorities, these services have enabled cybercriminals to conduct attacks both domestically and internationally, impacting a wide range of sectors.
Under the new measures, it is a criminal offence in Australia to provide assets to the sanctioned entities or individuals, or to use or deal with their assets. Penalties for violations include up to 10 years in prison and substantial fines. The individuals named in the sanctions are also prohibited from entering Australia.
This marks the fifth time Australia has activated its autonomous cyber sanctions framework, reflecting a broader strategy to counter cybercrime. The framework is a component of the government’s ongoing efforts under the 2023–2030 Australian Cyber Security Strategy, which aims to strengthen national defences against evolving cyber threats.
Deputy Prime Minister Richard Marles commented: “The Australian government is taking strong steps to strike back against malicious cyber activity. These actions are about defending our national security and ensuring Australians can live and work safely in a digital world. These sanctions don’t just impose costs on criminals; they dismantle the infrastructure that enables cybercrime. By disrupting these networks, we make it harder for others to launch attacks and it strengthens Australia’s resilience against future threats.”
Media Land, headquartered in St. Petersburg, Russia, is identified as a provider of “bulletproof hosting” services, which are designed to shield cybercriminals from law enforcement. These services have reportedly been used by ransomware groups such as Lockbit, BlackSuit, and Play, as well as in distributed denial-of-service (DDoS) attacks. ML. Cloud LLC, a related company, is also implicated in supporting these operations.
Volosovik, the general director of Media Land, is alleged to have promoted the company’s services on cybercriminal forums and provided technical support to ransomware operators. Zatolokin is described as being responsible for payment collection and operational coordination within the organisation.
Foreign Minister Penny Wong (pictured) commented: “The Albanese government is working to strengthen Australia’s resilience and keep Australians safe from cyber criminals. Working across government and with international partners, we will continue to take action against Russia, to disrupt cybercrime and hold malicious cyber actors to account.”
The sanctions are expected to affect Australia’s insurance and financial services sectors. Organisations that engage with sanctioned entities may be subject to legal penalties and increased regulatory scrutiny. The government’s actions are part of ongoing efforts to address cyber risk management, compliance, and adherence to international sanctions.
Home Affairs and Cyber Security Minister Tony Burke added: “We will continue to do everything we can to break down the networks and alienate the individuals who are driving cyberattacks against Australia and Australian interests. This is one of the fastest growing threats our country faces, and our government will ensure we are ready to face it.”
Australian authorities encourage businesses to report cyber incidents and vulnerabilities to the Australian Signals Directorate. Recommended practices include regular software updates, frequent data backups, and staff training to recognise and avoid phishing and ransomware threats. The government is working with international partners to address cybercrime infrastructure.
Developments in cyber risk management and regulatory requirements continue to affect insurance professionals, as sanctions become more frequently used in response to cyber threats.
