World News | Biden Administration Targets Ransomware Payment ''enablers''

Washington, Sep 19 (AP) The Biden administration took aim Tuesday at the financial marketplace for criminal ransomware gangs, announcing sanctions against a Russia-based virtual currency brokerage that officials say has processed illicit transactions for attackers.

The Treasury Department sanctions are aimed at disrupting the economic infrastructure of a ransomware threat that has surged over the last year and targeted vital corporations and critical infrastructure, including a major fuel pipeline. Ransomware payments reached more than USD400 million in 2020, the costliest year on record.

Also Read | Rabi Ul Awwal 2021 Date in Saudi Arabia: When Is Moon Sighting and Eid Milad Un Nabi?.

The goal of the action is to go after the “financial enablers” of ransomware gangs, Deputy Treasury Secretary Wally Adeyemo told reporters in previewing the announcement.

“Today's action is a signal of our intention to expose and disrupt the illicit infrastructure using these attacks,” Adeyemo said.

Also Read | Elon Musk Mocks US President Joe Biden for Not Appreciating SpaceX's Historic Civilian Flight.

Through its Office of Foreign Assets Control, the Treasury Department has previously sanctioned ransomware developers and distributors, and officials say more such designations are possible.

The administration selected for sanctions a currency exchange known as SUEX OTC, a broker it said has facilitated transactions for at least eight ransomware variants.

Though the majority of virtual currency exchanges are engaged in legal commerce, a subset of so-called “nested” exchanges processes a disproportionate amount of illicit transactions, Adeyemo said. In the case of SUEX, officials said, more than 40% of its known transaction history is associated with what the administration describes as illicit actors.

SUEX is among the most active of a small group of illicit services that handle most money laundering for cybercriminals, the cryptocurrency-tracking firm Chainalysis said in a blog post.

Although legally registered in the Czech Republic, SUEX has no known physical presence there and instead operates out of branches in Moscow and St. Petersburg, Russia, where users can cash out their virtual currency, said Chainalysis, which works closely with law enforcement on tracking criminal crypto transactions.

It said SUEX has been laundering money from the illicit cryptocurrency exchange BTC-e, which U.S. authorities shut down, perhaps on behalf of administrators, associates or former users. BTC-e's operator was sentenced to five years in prison by a French court in December.

Chainalysis said SUEX deposit addresses hosted at large exchanges have received over USD160 million from cybercriminals since the brokerage opened in early 2018, including nearly USD13 million from ransomware operators including Ryuk, Conti, Maze.

In addition, the Treasury Department says it is updating guidance for ransomware victims that it first issued last year. The advisory strongly discourages victims from paying ransomware, reminding them that some transactions are against the law, and urges victims to report attacks to law enforcement.

“The reality is that the thing we know about this ecosystem is the way that we prevent ransomware attacks is by making sure that we get law enforcement engaged as soon as possible,” Adeyemo said. (AP)

(The above story is verified and authored by Press Trust of India (PTI) staff. PTI, India’s premier news agency, employs more than 400 journalists and 500 stringers to cover almost every district and small town in India.. The views appearing in the above post do not reflect the opinions of LatestLY)