The US Government has underlined once again that it continues to strongly discourage organisations hit by ransomware from giving in to extortion demands.
In an updated advisory, the Department of Treasury’s Office of Foreign Assets Control (OFAC) has called upon businesses not to pay ransoms, and to focus on cybersecurity measures that can prevent or mitigate ransomware attacks.
In its updated advisory, OFAC not only emphasises the importance of improving cyber hygiene and security practices, but also reporting to, and co-operating with, government agencies in the wake of a ransomware attack.
According to the agency, victims reporting attacks is essential for law enforcement and other government agencies to fully understand and counter-attacks orchestrated by ransomware gangs.
The updated advisory comes as the US Treasury imposes sanctions on the cryptocurrency exchange SUEX for facilitating “financial transactions for ransomware actors.”
The US Treasury says that this is the first time it has targeted a cryptocurrency exchange “for laundering cyber ransoms.”
“SUEX has facilitated transactions involving illicit proceeds from at least eight ransomware variants. Analysis of known SUEX transactions shows that over 40% of SUEX’s known transaction history is associated with illicit actors. SUEX is being designated pursuant to Executive Order 13694, as amended, for providing material support to the threat posed by criminal ransomware actors.”
SUEX, which is incorporated in the Czech Republic but operates out of Moscow, largely communicates with its clients via the Telegram secure messaging app – only accepting new customers who have been referred by trusted intermediaries.
The sanctions will make it much more difficult for SUEX to engage in business with US organisations, and any institution engaging with SUEX could find themselves at the sharp end of a penalty, their own sanctions order, or other enforcement actions.
With ransomware victimising American businesses with a greater ferocity than ever before it’s no surprise to see the US Government attempting to disrupt as much as possible the flow of cryptocurrency into attackers’ hands.
If a cybercriminal gang’s major financial pipeline can be cut off the incentives for such attacks may reduce.
According to the US Treasury, $400 million worth of ransomware payments were made in 2020, more than four times the figure for 2019.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.