U.S. Treasury Secretary Janet Yellen answers questions during the Senate Fund Allocation Subcommittee hearing to consider the Treasury Department’s budget proposal for fiscal year 22 on Capitol Hill in Washington, DC, June 23, 2021.
Greg Nash | Pool | Reuters
The U.S. Treasury Department announced Tuesday that it would sanction a cryptocurrency exchange for its alleged role in ransom laundering for cyberattacks.
It is the first of its kind against a virtual currency exchange and comes after a series of cyberattacks paralyzed multiple industries and even threatened US government agencies. In 2020 alone, ransomware payments totaled more than $400 million, more than four times the 2019 figure, according to the Treasury Department.
Ransomware is a type of cyberattack in which actors often prevent access to important programs and demand payments, usually in a cryptocurrency like Bitcoin, in order to unlock them.
The department’s Office of Foreign Assets Control will designate the Suex cryptocurrency exchange for allegedly playing a role in facilitating financial transactions for ransomware actors.
While the Treasury Department stressed that most virtual currency activity is legal, the technologies that facilitate these payments can be exploited by bad actors. Cryptocurrency transactions are decentralized and can be harder to trace than those made through traditional financial institutions. The department said that in the Suex case the exchange helped facilitate illegal activities “for their own illegal gain”.
The department claimed that Suex “facilitated transactions with illegal income from at least eight ransomware variants.” It also said that more than 40% of the company’s known transaction history “relates to illegal actors”.
The new designation means that it will be much more difficult for Suex to do business with US companies. US persons are generally prohibited from transacting with sanctioned entities, and financial institutions that engage in certain activities with them could face sanctions or enforcement measures themselves.
In addition to taking action against Suex, the department has clarified its guidelines for companies on how to respond to ransomware attacks. The guide “strongly encourages victims and affiliates to report these incidents to law enforcement agencies as soon as possible and to cooperate fully with them,” said a press release, and continues to advise against paying ransom money.
The recommendation also states that US companies could be penalized for making payments to a sanctioned actor even if they were unaware of the fact, as in the case of paying a ransom. Still, the guidelines state that OFAC would consider working with a company in the event of a ransomware attack to determine the ultimate consequences.
The government has emphasized the importance of its own knowledge of cyberattacks in order to contain damage. The value of this knowledge was demonstrated last year in the SolarWinds attack that affected several government agencies. That attack came to light after another cybersecurity company, FireEye, reported a sophisticated attack on its own systems. Microsoft President Brad Smith told lawmakers that FireEye’s disclosure was critical to understanding the extent of the attack.
Since then, lawmakers have introduced a measure requiring government contractors and critical infrastructure companies to disclose cyberattacks, while giving them a limited safe haven from legal action over such disclosure.