Biden administration sanctions cryptocurrency exchange in a bid to reduce ransomware groups’ income
By Sean Lyngaas, CNN
The Biden administration on Tuesday imposed sanctions on a cryptocurrency exchange in one of the most direct U.S. efforts to date to cut revenues from ransomware groups which have cost the economy hundreds of millions of dollars.
The sanctions cut off access to U.S. markets for Suex, a cryptocurrency exchange that U.S. officials accused of doing business with hackers behind eight types of ransomware – malware that locks down computers.
The Treasury Department also updated its sanctions guidelines for US businesses to “strongly discourage” companies from paying ransoms to cybercriminals. U.S. officials fear that multi-million dollar extortions by large U.S. corporations have sparked more ransomware attacks from groups based in Eastern Europe and Russia.
The news comes as US officials are skeptical that Russian President Vladimir Putin will do anything to curb cybercriminals operating from Russian soil. On Monday, an Iowa grain cooperative became the latest U.S. company to suffer from a ransomware intrusion at the hands of suspected Russian-speaking hackers.
Suex promotes itself as an easy way to buy cryptocurrency, which is often difficult to trace, with a credit or debit card. While Suex is relatively obscure in the cryptocurrency market, the Treasury Department has estimated that 40% of Suex’s transaction history is linked to illicit activity. The exchange did not respond to a request for comment on Tuesday.
“The impact on the sanctioned exchange will be severe,” Tom Robinson, co-founder of cryptocurrency analysis firm Elliptic, told CNN. “The Treasury effectively cut off access to the US dollar. Everywhere, banks will be on alert.
The ransomware threat gained national attention in May, when suspected Russian cybercriminals forced Colonial pipeline, which carries about 45% of all fuel consumed on the east coast, to shut down for days.
Colonial Pipeline paid hackers $ 4.4 million in cryptocurrency to recover company data. The Ministry of Justice seized approximately $ 2.3 million of this ransom from hackers, but officials don’t want the money leaving corporate accounts in the first place.
Viewing ransomware as a threat to national security and the economy, President Joe Biden in June urged Putin to crack down on cybercriminals operating from Russia. However, FBI Deputy Director Paul Abbate said last week that there was “no indication” that Putin had done so.
On Monday, New Cooperative, a grain distributor with 60 locations in Iowa, confirmed that it was the target of a ransomware attack by a Russian-speaking group known as BlackMatter. Some cybersecurity experts believe BlackMatter is linked to the same group that hacked Colonial Pipeline computers.
“As a precaution, we have proactively taken our systems offline to contain the threat, and we can confirm that it has been successfully contained,” New Cooperative said in a statement.
The cooperative declined to comment on the amount of ransom demanded by the hackers. But Recorded Future, a Boston-based threat intelligence firm, said the hackers demanded $ 5.9 million, citing transcripts of negotiations between New Cooperative and BlackMatter.
“We are monitoring the ransomware incident, but we do not see any particular impact [on the cooperative’s operations] right now, ”Anne Neuberger, deputy White House national security adviser, told reporters on Monday. “We are in contact with the company and work closely with it.
™ & © 2021 Cable News Network, Inc., a WarnerMedia Company. All rights reserved.