US Sanctions ‘Aim To Cut Off Hackers’ Access’ To Cryptocurrency

The US is reportedly preparing actions including sanctions that aim to cut off ransomware hackers’ access to cryptocurrency payments.

The actions follow a string of increasingly disruptive cyber-attacks by ransomware gangs.

In response, the US Treasury Department could impose sanctions as soon as this week, along with issuing new guidance to businesses about the risks associated with facilitating ransomware payments, including fines and other penalties, the Wall Street Journal reported.

Money-laundering rules and terrorism-financing rules planned for later this year are also expected to target the use of cryptocurrency as a payment mechanism for ransomware attacks and other illicit activities.

Ransom payments

Digital currencies are a key means employed by ransomware gangs, as they can make the transfer of funds highly difficult for law-enforcement authorities to trace.

The Journal reported that the Treasury measures are expected to target the digital wallets that receive ransomware payments, the cryptocurrency trading platfoms that help to make funds difficult to trace and the people who own or manage such operations.

The Treasury Department declined to comment.

In May one of the biggest US oil pipelines, Colonial Pipeline, went offline after a ransomware attack, forcing the company to pay more than $4 million (£3m) in ransom to bring the operation back online.

A large US insurer, CNA Financial, reportedly paid a staggering $40m in ransom to restore its services after a hack in March.

Infrastructure threat

Last month Bangkok Airways said stolen passenger data was exposed by hackers after the company refused to pay a ransom.

Following the Colonial Pipeline hack US president Joe Biden signed an executive order making it easier for government and private sector businesses to share information in the wake of cyberattacks, while also requiring government agencies to deploy multi-factor authentication.

The US State Department also announced it would offer a reward of up to $10m for information leading to the identification or location of persons who carry out cyber-attacks on the orders of a foreign government against US critical infrastructure.

The Colonial Pipeline hack was thought to be carried out by the Russia-based REvil ransomware gang.