The Treasury Department said it was imposing sanctions on a virtual currency exchange called Suex, in the administration’s most pointed response to ransomware attacks that have disrupted U.S. fuel and meat supplies this year, when foreign hackers locked down corporate computer systems and demanded large sums of money to free them.
The illicit financial transactions underpinning ransomware attacks have been taking place with cryptocurrencies, which the U.S. government has said it is determined to regulate.
The Treasury Department said Suex, which is based in Russia, had facilitated transactions involving illegal proceeds from at least eight ransomware episodes. More than 40% of the exchange’s transactions had been linked to criminal actors, the department said.
Cybersecurity experts say ransomware gangs operate in the ether of the internet, all but untouchable by law enforcement, and that their preferred method of payment is typically hard to track cryptocurrencies.
Russia, where many cybercriminals are based, pivoted from trying to ban digital currencies outright to enacting regulation this year allowing ownership of crypto assets.
The Treasury Department’s action came three months after President Biden, meeting in Geneva with President Vladimir Putin of Russia, demanded a crackdown on ransomware operators suspected of working from Russian territory.
The Treasury Department said that in 2020, ransomware payments topped $400 million U.S., four times as high as they were in the previous year.
