Pages

Thursday, January 04, 2024

High-rolling tradie gamblers seek court secrecy in tax stoush

 Scam of the Year 2023: nine of the niftiest scams in Australian business and politics by Michael West |


The Victorian government has all but ruled out paying a ransom to hackers who broke into a system that stores court recordings, including of sensitive cases closed to the public.

Its stance is in line with federal government advice not to encourage hackers but makes it likely that the criminals, whose identity is unknown, will release stolen recordings that could contain sensitive testimony.

Due to the increasing rates and complexity of attacks, it’s almost inevitable that Australian businesses will face a data breach or ransomware attack at some point.

Hackers have accessed Victoria’s court system, including potentially sensitive recordings. Bloomberg

Court Services Victoria, the agency that administers the state’s judicial system, confirmed on Tuesday that the hackers had accessed its audiovisual technology late last year.

A spokesman for the Victorian government issued a brief statement on Tuesday, saying its “practice has been not to pay ransomware demands”.

Earlier on Tuesday, acting Victorian Premier Ben Carroll had left open the possibility, saying, “We have a range of choices when it comes to cyber activity”, in response to a question about ransoms.

The breached technology is used to record hearings, including where sensitive witnesses are present, and deliver transcriptions of cases that the media may be barred from covering.

Court Services Victoria chief executive Louise Anderson said recordings between November 1 and December 21 may have been accessed, with earlier recordings also possibly exposed.

All criminal and civil hearings in that time span from the Victorian County Court have been potentially exposed. Other hearings from December 1 to December 21 in the Supreme Court’s criminal and court of appeal divisions may also have been exposed, according to a table released by Court Services.

‘Don’t pay up’

The hack happened on December 8, Court Services said. The ABC reported that the hackers issued a ransom note to the courts on December 21 via its own computers with the text “YOU HAVE BEEN PWND”, which is hacker jargon bragging that a target has been breached.

The federal government’s official advice is for hacking victims not to pay because they have no guarantee that stolen material will be deleted, and it furthers the cybercriminals’ business. But it is common for victims to pay to avoid reputation risk and damage to their customers.

Ms Anderson said Court Services immediately isolated and disabled the affected network when it was informed of the breach. “As a result, hearings in January will be proceeding,” she said. No other court systems were affected, she said.

“We understand this will be unsettling for those who have been part of a hearing,” Ms Anderson said. “We recognise and apologise for the distress that this may cause people.”

Targeting sensitive services such as health or legal organisations and then demanding a payment to delete stolen data is the modus operandi of ransomware gangs that often operate out of Russia.

Medibank was hacked in a similar fashion in 2022, as was Legal Aid in the ACT. The large law firm HWL Ebsworth was breached in 2023. It refused to pay a ransom and its files were released online.

Court Services has established a dedicated hotline for people affected by the breach. Ms Anderson said most court and tribunal hearings were public and not confidential. But she issued a reminder: “The unauthorised use of recordings of hearings is not permitted.”

Mr Carroll said while he did not know the source of the court hack, it had been “well contained” and no hearings had been derailed.

“There has been no evidence to date that there will be any malpractice or judicial irregularities,” Mr Carroll said on Tuesday.

“I don’t know anything about exactly who was responsible, and obviously, it is a sensitive matter and no one wants to see anything of this nature occur. But it has been identified, it has been contained, and all the authorities are working on it.

“I understand that court operations have not been affected, that this operation has been essentially confined – all court cases, all hearings, all evidence and all procedure is thoroughly protected. We’re very confident we’ll get to the bottom of it.”



High-rolling tradie gamblers seek court secrecy in tax stoush

A pair of cashed-up tradies who gambled heavily at Crown casino and at private poker games are fighting massive tax bills – but court rules mean you’re not allowed to know who they are.



The cashed-up tradies, a pair of brothers from Sydney targeted by two criminal investigations, are part of an unknown number of people who have filed cases using “fake” names.
Federal Court officials have refused to release documents in the case, which is an appeal from a decision of the Administrative Appeals Tribunal that upheld the brothers’ tax bills.
But tribunal documents show that both NSW Police and the NSW Crime Commission have run criminal investigations into the brothers, who had a business that owned a single concrete pumping truck and gambled large sums at Crown Casino in Melbourne.
The Tax Office claimed the brothers “significantly understated their taxable income” between 2011 and 2016, saying they either made more than they admitted from the concrete pumping truck or “had other unidentified sources of income”, AAT deputy president Bernard McCabe said in a ruling handed down in October.
In response, the brothers, who were given the pseudonyms QQRK and WHKY, said that large amounts of cash that passed through their hands were due to prolific and successful gambling.
Older brother QQRK told the tribunal he started gambling regularly in 2001, beginning with small bets on rugby league and American basketball, before becoming a regular gambler at Crown Casino from 2010 onwards, where he played poker, baccarat, roulette and blackjack.
Between 2011 and 2016 he took several trips to Crown a year, each lasting several days.
At Crown he played against the house and against other players at the Aussie Millions poker tournament hosted by the casino, he said.
He said he also hosted high-stakes poker games at his home at least once a month “and a few times a month around Christmas time”.
“The buy-ins were anywhere between $5000 to $50,000 and players would often walk away with hundreds of thousands of dollars in winnings,” he told the AAT.
He said he hid up to $600,000 in cash at a time in bundles around his house or in a small safe, claiming to the tribunal he knew how much was there at any one time “to the dollar”.
Mr McCabe didn’t accept QQRK’s evidence, saying it had troubling inconsistencies that included denying he owned any luxury cars.
“That claim ignored his ownership of an Audi R8, the very definition of a luxury car,” Mr McCabe said in his ruling.
WHKY told the AAT he bought his first car, a one-year-old Lexus, in 2011 for $25,000 using money he won gambling.
He said he gambled at casinos around the country, with online bookies including Betfair and BetVictor and by playing poker at private games at homes around Sydney.
When travelling to Crown in Melbourne he would take as much as $20,000 in cash with him, he said.
Mr McCabe said WHKY was “an unsatisfactory witness who was given to exaggeration”.
He found the brothers had not done enough to set aside the ATO’s estimate of their income, but reduced penalties charged against WHKY.
The ability of parties to use pseudonyms in some Federal Court matters operates in addition to changes to access rules that came into force early this year often limiting access to court files, introduced without consultation with the media.
A court spokesperson was unable to say how many cases it allowed to be filed under a pseudonym but said the court had “routinely” allowed the practice in appeals from tribunals where fake names were used “across all matters, including migration matters, since 2020”.
The court publishes rules requiring migration cases, which frequently involve claims of persecution, to be filed under a pseudonym but there is no equivalent written policy covering other types of cases.
Cases filed under a pseudonym are “temporarily removed” from public view on the Comcourts website “to ensure that the names of the persons associated with a pseudonym are not inadvertently published” but are usually restored within a day, the spokesperson said.