US Treasury hits back at ransomware attacks with sanctions

The US Department of the Treasury on Tuesday announced new actions aimed at disrupting criminal networks and the cryptocurrency exchanges used to launder digital ransoms. The measures also seek to improve private-sector cybersecurity and improve the reporting to US authorities of incidents and ransomware payments. 

The announcement comes as companies and governments around the world have suffered ransomware attacks facilitated by payments in cryptocurrency. Recent examples include ransomware attacks on software firm Kaseya, meat supplier JBS and the Colonial Pipeline, all of which had serious ramifications for the wider economy.

Within today's actions is a designation from the Treasury's Office of Foreign Asset Control on virtual currency exchange SUEX. The Treasury says SUEX has been "facilitating financial transactions for ransomware actors."

The Treasury relied on specialized analytics tools to understand the breadth of the illicit activities taking place on the SUEX exchange. It states that more than 40% of the known transaction history at SUEX is associated with "illicit actors."

SUEX could not be immediately reached for comment.

"Ransomware and cyber-attacks are victimizing businesses large and small across America and are a direct threat to our economy. We will continue to crack down on malicious actors," said Treasury Secretary Janet Yellen in the release. "As cyber criminals use increasingly sophisticated methods and technology, we are committed to using the full range of measures, to include sanctions and regulatory tools, to disrupt, deter, and prevent ransomware attacks."

The OFAC also released an advisory document on Tuesday to help clarify the risks associated with ransomware payments and help businesses to have plans in place to mitigate those risks. The OFAC also maintains an FAQ on virtual currency to further explain risks and potential compliance issues.