Treasury takes strong action to tackle ransomware – MeriTalk
As part of a government-wide effort to combat ransomware, the US Treasury Department is taking strong action to disrupt the criminal networks and virtual currency exchanges responsible for ransom laundering, encouraging best practices in cybersecurity issues and increase the efficient and timely reporting of incidents to agencies.
“Ransomware and cyber attacks victimize businesses large and small across America and pose a direct threat to our economy. We will continue to crack down on malicious actors, ”Treasury Secretary Janet L. Yellen said in a press release on September 21. sanctions and regulatory tools, to disrupt, deter and prevent ransomware attacks.
Among the actions undertaken is the designation of the first virtual bureau de change for complicit financial services. The Treasury Department’s Office of Foreign Assets Control (OFAC) prohibits use or engagement with SUEX, a virtual bureau de change, due to its involvement in facilitating financial transactions for ransomware players.
“SUEX has facilitated transactions involving illicit products of at least eight ransomware variants,” the Treasury Department said. “Analysis of known SUEX transactions shows that over 40% of the history of known SUEX transactions is associated with illicit actors. “
Virtual currency exchanges are critical to the profitability of ransomware attacks, which help fund additional cybercrime activities. The Treasury Department plans to continue to disrupt and hold these entities accountable to reduce the incentive for cybercriminals to continue carrying out these attacks.
This action is the first designation of sanctions against a virtual currency exchange and was carried out with the help of the FBI.
In addition, the Treasury Department said any financial institution or person engaged in activities with sanctioned entities and individuals could face sanctions or be subject to enforcement action.
OFAC has also issued an updated advisory on potential sanction risks to facilitate ransomware payments, highlighting how the US government continues to discourage payment of cyber, ransom or extortion demands and recognizes the importance of cyber -hygiene to prevent or mitigate such attacks.
The updates highlight the importance of improving cybersecurity practices and reporting a ransomware attack to the appropriate government agencies. Proper and timely reporting is essential for government agencies, including law enforcement, to understand and counter ransomware attacks and malicious cyber actors.
Overall, the actions of the Treasury Department advance the broader US government’s anti-ransomware strategy, which emphasizes the need for a collaborative approach to counter ransomware attacks, including a partnership. between the public and private sectors and close relationships with international partners.