The Biden administration is taking action to safeguard against ransomware attacks by penalizing cryptocurrency exchanges that help facilitate illegal attacks, while also laying out guidelines for companies to safeguard against said attacks.
In its strongest actions to date, the U.S. Treasury will impose sanctions on Suex – a virtual currency exchange that has fronted transactions involving illegal profits for at least eight different ransomware attacks. Analysis of known SUEX transactions shows that over 40% of the exchange’s known transaction history is associated with illegal actors.
By sanctioning crypto exchanges, the Treasury is hoping to make it more difficult for ransomware gangs to operate, and make it harder for attackers to use cryptocurrency to extract ransoms from companies.
In May, Colonial — one of the largest fuel pipelines in the U.S. — became a in an attack that forced the company to temporarily shut down some of its operations. It ultimately cost them over $4 million worth of bitcoin (), and led to gas shortages nationwide.
Virtual currency exchanges like Suex are critical to the profitability of ransomware attacks, which help fund cybercriminal activity. Some virtual currency exchanges can be exploited by hackers, but others — like SUEX — help facilitate illegal activities for their own gains.
“As cyber criminals use increasingly sophisticated methods and technology, we are committed to using the full range of measures, to include sanctions and regulatory tools, to disrupt, deter, and prevent ransomware attacks,” Treasury Secretary Janet Yellen said in a statement.
Today’s action serves as the opening shot, with the government continuing to look for other crypto exchanges or components of the digital asset ecosystem that are being manipulated by bad actors, as well as consider other actions that can be taken to deter attacks.
The Treasury Department is also looking at the role so-called “mixers” play in facilitating illegal transactions, by essentially making the coins less traceable. Treasury officials plan to work with other agencies, including the FBI, to disrupt ransomware payments.
In taking action against Suex, the government is also outlining steps private companies can take to guard against ransomware attacks. The government strongly discourages companies from making ransomware payments. In the case that a firm feels they have no choice but to pay out, officials encourage companies to report the attack as soon as possible to law enforcement.
The government is also encouraging companies to invest in cyber defenses while also forming partnerships with the private sector to share information and guard against any future attacks. One incentive the administration is working on is cyber insurance. To get companies to beef up their cyber protection, the government is working with cyber insurers to offer lower insurance premiums to companies that invest in cyber safeguards like encryption, multifactor identification. The administration is in talks with the cyber insurance sector about incentives.
Ransomware attacks against U.S. infrastructure have escalated over the past couple years, reaching more than $400 million in ransomware payments last year – four times the level of payment in 2019. In addition to Colonial, international cybercriminals also targeted JBS Foods International, the country's second-largest meat producer, this year.
Next month, the White House will host a meeting with international partners to counter ransomware efforts.
For more information about cryptocurrency, check out: