- The US Treasury Department said on Tuesday that a cryptocurrency exchange will be sanctioned for its suspected role in laundering cyberattack ransoms
- According to the department, this is the first time they’ve taken action against a bitcoin exchange
- Suex, a crypto exchange, is accused by the Treasury of facilitating transactions containing unlawful earnings from at least eight ransomware versions
The US Treasury Department said on Tuesday that a cryptocurrency exchange will be sanctioned for its suspected role in laundering cyberattack ransoms. It’s the first time a virtual currency exchange has been targeted in this way, and it comes after a slew of cyberattacks disrupted various businesses and even threatened US government organizations. Ransomware payments totaled more than $400 million in 2020, according to the Treasury, more than four times what they were in 2019.
Suex is accused of its involvement in ransomware attacks
Ransomware is a sort of cyberattack in which criminals block access to important applications and demand payment, generally in the form of a cryptocurrency like bitcoin, to restore access. Suex, a cryptocurrency exchange, will be designated by the Treasury Department’s Office of Foreign Assets Control for allegedly facilitating financial transactions for ransomware attackers.
While the Treasury stressed that the majority of virtual currency activity is legitimate, criminal actors can take advantage of technologies that facilitate those payments. Transactions involving cryptocurrency are decentralized and can be more difficult to track than those involving established banking institutions. According to the department, in Suex’s case, it assisted in the facilitation of criminal conduct for their own illicit gain.
Suex is accused of facilitating transactions involving unlawful proceeds from at least eight ransomware strains, according to the government. It further claimed that illicit actors are involved in more than 40% of the company’s known transaction history. Suex will find it far more difficult to do business with US firms as a result of the new status. Financial institutions that participate in particular operations with sanctioned entities may face penalties or enforcement measures, and U.S. persons are generally prohibited from transacting with them.
Department’s instructions of taking action against Suex
The department also revised its instructions for businesses on how to respond to ransomware threats, in addition to the action against Suex. According to a press release, the advice strongly encourages victims and linked companies to report these events to law authorities as soon as possible and completely cooperate with them, and continues to discourage them from paying ransoms.
The warning also warns that paying a ransom to a sanctioned actor could result in sanctions, even if the recipient is unaware of the payment. Nonetheless, the guidance states that when considering the eventual implications of a ransomware assault, OFAC will take into account a company’s cooperation. To assist reduce harm, the government has highlighted the necessity of its own expertise in cyberattacks. The importance of such expertise was highlighted last year by the attack on SolarWinds, which impacted a number of government institutions. That hack was discovered after FireEye, another cybersecurity firm, reported a sophisticated attack on its own systems. FireEye’s disclosure, according to Microsoft President Brad Smith, was important in determining the scope of the attack.
Since then, lawmakers have introduced legislation requiring government contractors and vital infrastructure corporations to report hacks while also providing them with a limited safe harbor from legal penalties.