The Biden administration has unveiled plans to curtail the ransomware attacks that have crippled corporate networks this year.
The US Treasury Department is set to announce sanctions and similar guidance designed to disrupt the financial infrastructure that has enabled ransomware attacks. The agency is considering levying fines and other penalties on businesses that cooperate with hackers – including exchanges and mixer services that may allow cybercriminals to launder illicit funds.
Officials familiar with the administration’s plans tell the Journal that the sanctions may target specific entities and actions conducted over distributed ledgers. US lawmakers say this action aims to serve as a deterrent against fulfilling ransom demands – and could focus on both the digital wallets that house ransom payments and the platforms that help obfuscate the funds.
Treasury Department officials are also expected to draw up plans to reduce the role cryptocurrencies play in ransom payouts and other illicit activity on the darknet. Frank Downs, a former NSA offensive analyst said “Implementing sanctions in a smart, targeted manner against marketplaces with proven disregard for accountability aims to tackle one of cryptocurrency’s biggest inherent dangers: money laundering.”
Downs, currently the director of proactive services for the security firm BlueVoyant, adds, “By targeting those specific companies and marketplaces, the administration would illustrate its desire to try and not throw the baby (crypto) out with the bath water.”
Biden met with Russian President Vladimir Putin in June in and detailed several critical infrastructure sectors that must remain off-limits to criminal hackers. He said he warned Putin that if Russia failed to act, the U.S. reserved the right to do so.
During a panel at the Intelligence and National Security Summit last week, FBI Deputy Director Paul Abbate said, “Based on what we’ve seen, I would say there is no indication that the Russian government has taken action to crack down on ransomware actors that are operating in the permissive environment that they have created there”.
White House relaunched efforts to undermine ransomware’s effectiveness include the launch of a joint ransomware task force, and diplomatic efforts from Anne Neuberger, the deputy national security adviser for cyber and emerging technology, to combat cybercrime.