US aims to hit revenue streams of ransomware groups with sanctions

The Biden administration is planning to impose new sanctions to disrupt the source of revenue of ransomware groups that have extorted major US firms of millions of dollars, a US official and a private cybersecurity expert briefed on the matter told CNN.

As soon as next week, the Treasury Department plans to slap sanctions on an entity in the cryptocurrency market, the two sources said on the condition of anonymity. Treasury’s Office of Foreign Assets Control also plans to issue updated guidance to companies on how to avoid breaking US law when making ransomware payments to cybercriminals.

The Wall Street Journal was first to report on the impending Treasury actions.

Spokespeople for the Treasury Department and White House’s National Security Council declined to comment.

It’s the most direct effort yet by the Biden administration to attack the source of funding of ransomware gangs that lock up US computers and demand payment in difficult-to-trace cryptocurrency. Administration officials have lamented how multimillion-dollar payments to ransomware groups based in Eastern Europe and Russia have allowed the hackers to invest in new tools for further attacks.

President Joe Biden in June urged Russian President Vladimir Putin to crack down on cybercriminals operating from Russia. But FBI Deputy Director Paul Abbate said this week that there was “no indication” that Putin had done so.

The ransomware threat gained national attention in May when alleged Russian cybercriminals forced Colonial Pipeline, which transports some 45% of all fuel consumed on the East Coast, to shut down for days. The incident led to shortages at gas stations on the east coast, and Colonial Pipeline paid the hackers $4.4 million to recover the company’s data.

The-CNN-Wire
™ & © 2021 Cable News Network, Inc., a WarnerMedia Company. All rights reserved.

More from WTOP

Log in to your WTOP account for notifications and alerts customized for you.

Sign up