The Biden administration is planning to roll out new policies designed to hobble the ransomware industry’s reliance on digital currencies.
According to the Wall Street Journal, the U.S. Treasury will soon roll out a variety of “fines and other penalties” designed to punish companies that act as safe harbors for criminals. The new penalties—which will reportedly include “sanctions” against bad actors—would target crypto exchanges and other platforms that are commonly used by ransomware operators and their affiliates. However, it’s unclear who, specifically, these sanctions will be aimed at—or what the details of the new policies will be. Sources told the Journal that the changes, whatever they are, will take effect “as soon as next week.” They will be accompanied by new guidance for businesses on how to avoid aiding and abetting such criminals.
Amidst all this, much has been said about cryptocurrency’s role in making these attacks profitable. For cybercriminal gangs, the anonymized digital monies are a preferred means of extorting victims. Once a ransom has been paid out, the hackers will typically channel their ill-gotten funds through a number of different crypto wallets and exchanges before finally “cashing out” and converting the tokens into fiat via dark web marketplaces. Because of this, many have argued that a ban on crypto would be a surefire way to hobble large parts of the cybercrime ecosystem.
The Treasury’s new measures are only the most recent sign that the U.S. wants to take a much more aggressive stance in fighting the criminal trend. Earlier this year, the Department of Justice formed an internal task force devoted to targeting the ransomware ecosystem. In June, not long after the Colonial Pipeline attack, the DOJ formally issued new guidance to all of its offices, making it known that it planned to pursue ransomware criminals with tactics currently reserved for foreign and domestic terrorists.
Meanwhile, the Biden administration has also sought diplomatic solutions. With so many of the ransomware gangs reportedly based in Russia or its surrounding territories, the White House has repeatedly sought to engage Russian leader Vladimir Putin, in the hopes that he might crackdown on the criminals operating within his nation’s borders. In June, a summit was held in Geneva between Biden and Putin, during which the two discussed the problem. Several weeks later, when the disastrous Kaseya ransomware attack hit companies across the globe, the two talked again. Since then, U.S. and Russian officials have reportedly continued to engage on the topic, though such talks apparently haven’t yet borne very satisfying results.
“There is no indication that the Russian government has taken action to crack down on ransomware actors that are operating in the permissive environment they have created there,” said FBI Deputy Director Paul Abbate at an intelligence conference earlier this week, the Journal reports.