Live: Samsung Unpacked Live Updates Apple HomePod 2 Review Apple Earnings Preview Resurrecting the Dodo COVID Emergency to Expire DOJ Eyes Tesla Self-Driving DC's 'Gods and Monsters' Slate Salami, Sausage Recalled
Want CNET to notify you of price drops and the latest stories?
No, thank you

US Treasury hits back at ransomware attacks with sanctions

One of the Treasury's first targets is SUEX, a virtual currency exchange.

The US Treasury Building in Washington, DC.
Chip Somodevilla/Getty Images

The US Department of the Treasury on Tuesday announced new actions aimed at disrupting criminal networks and the cryptocurrency exchanges used to launder digital ransoms. The measures also seek to improve private-sector cybersecurity and improve the reporting to US authorities of incidents and ransomware payments. 

The announcement comes as companies and governments around the world have suffered ransomware attacks facilitated by payments in cryptocurrency. Recent examples include ransomware attacks on software firm Kaseya, meat supplier JBS and the Colonial Pipeline, all of which had serious ramifications for the wider economy.

Within today's actions is a designation from the Treasury's Office of Foreign Asset Control on virtual currency exchange SUEX. The Treasury says SUEX has been "facilitating financial transactions for ransomware actors."

The Treasury relied on specialized analytics tools to understand the breadth of the illicit activities taking place on the SUEX exchange. It states that more than 40% of the known transaction history at SUEX is associated with "illicit actors."

SUEX could not be immediately reached for comment.

"Ransomware and cyber-attacks are victimizing businesses large and small across America and are a direct threat to our economy. We will continue to crack down on malicious actors," said Treasury Secretary Janet Yellen in the release. "As cyber criminals use increasingly sophisticated methods and technology, we are committed to using the full range of measures, to include sanctions and regulatory tools, to disrupt, deter, and prevent ransomware attacks."

The OFAC also released an advisory document on Tuesday to help clarify the risks associated with ransomware payments and help businesses to have plans in place to mitigate those risks. The OFAC also maintains an FAQ on virtual currency to further explain risks and potential compliance issues.