The United States government continues to emphasize that Ransomware victim organizations should not deal with cybercriminals. In a statement from the US Treasury Department, published on Tuesday (21), companies were advised to invest in cybersecurity to prevent or at least mitigate the negative impacts of a ransomware attack.
In addition to recommending investment in cybersecurity, the document also calls for collaboration with government authorities and will begin to actively punish those responsible for the attacks and any other organization that collaborates in the laundering of money from cybercrime.
On the same Tuesday (21st), the US Department of Treasury said, in another statement, that it is taking a series of actions to “stop criminal networks and cryptocurrency brokers responsible for money laundering [proveniente de resgates em casos de ransomware]”.
As the inauguration of this project against ransomware, the US Government has imposed a sanction (punishment) on the cryptocurrency broker SUEX, which is headquartered in the Czech Republic but operates in Moscow, Russia. Although the US Government cannot directly punish SUAX, as it is not a US company, US companies and citizens are prohibited from doing business with it, and if a relationship between SUEX and a US citizen is discovered, that citizen can be fined and must explain himself to the courts.
According to the US Government, SUEX works provides decentralized financial services for at least eight ransomware operators. Local authorities concluded that more than 40% of transactions operated by SUEX were made by cybercriminals.
“SUEX facilitated transactions involving illicit proceeds from at least eight variants of ransomware […] SUEX is being designated in accordance with Executive Order 13694, as amended, to provide material support for the threat posed by criminal ransomware actors“, said a spokesman for the US Government, in a press release.
US Treasury Secretary Janet L. Yellen explains that ransomware attacks are increasing in scale, sophistication and frequency, victimizing governments, individuals and private companies around the world. Furthermore, in 2020 alone, ransomware payments reached more than U$400 million (R$2 billion), four times more than in 2019.
“Ransomware and cyber attacks are victimizing businesses large and small across America and are a direct threat to our economy. We will continue to crack down on malicious actors. As cybercriminals use increasingly sophisticated methods and technologies, we are committed to using the full range of measures, to include sanctions and regulatory tools, to stop, deter and prevent ransomware attacks”, concludes the secretary.