Hackers use ransomware to disrupt systems that control everything from hospitals to manufacturing.
According to officials, the Biden administration sanctioned a cryptocurrency exchange on Tuesday as part of a broader response to the growing threat, for their alleged role in allowing illicit payments from ransomware attacks.
The Treasury Department charged Suex OTC, SRO with facilitating illegal transactions of at least eight ransomware variants, marking the Department’s first action against a virtual monetary exchange over ransomware activity.
“Exchanges like Suex are critical for attackers’ ability to extract benefits from ransomware attackers,” Deputy Secretary of the Treasury Wally Adeyemo told reporters on Monday evening, ahead of the announcement. “Through these attacks, we intend to expose and disrupt the illegal infrastructure,” the statement said.
Hackers use ransomware to disrupt systems that control everything from hospitals to manufacturing. They only stop when they have large sums of money, which is usually in cryptocurrency.
In large-scale hacks this year, Ransomware gangs targeted many major US companies. An attack on the Colonial Pipeline pipeline operator caused a temporary fuel shortage on the US East Coast. Hackers also targeted an Iowa-based agricultural firm that expressed concern about disruptions in the Midwest grain harvest.
During a conference call with reporters, Anne Neuberger, Deputy National Security Advisor for Cyber, stated that ransomware payments will exceed $400 million in 2020, more than four times the level in 2019.
According to a report by Russian President Vladimir Putin, the threat has grown to the point where US President Joe Biden stated at a meeting in July that companies for “critical infrastructure” are off limits to ransomware gangs. According to cyber security experts and federal prosecutors, such groups frequently operate out of Russia or Ukraine.
On the call, officials stated that the administration is updating the sanctions guidelines to encourage victims of ransomware attacks to share information with police.
According to the Treasury, an examination of known Suex transactions reveals that more than 40% of these transactions involved illegal actors. While some exchanges are used by bad actors, the agency has stated that others, such as Suex, “facilitate illegitimate activities for their own illicit profits.”
“Rogue cryptocurrency exchanges have long been key facilitators for ransomware gangs,” said Tom Robinson, chief scientist and co-founder of blockchain analysis firm Elliptic, in an e-mailed statement. “The US government’s action sends a clear signal that it will not tolerate this activity, wherever it occurs.”
The sanctions, which are part of a 2015 executive order against cyber criminals, prevent Suex from accessing any US property and bar Americans from trading.