In late September 2021, the U.S. Department of Treasury (DoT) levied sanctions against the Russian cryptocurrency exchange Suex for the laundering of transactions from at least eight ransomware groups. This latest move to “follow the money” is designed to hinder ransomware operations that rely on cryptocurrency to receive payments from victims.
Per the Department of Treasury (DoT), Suex maintained approximately 25 digital addresses that received more than $481 million in Bitcoin alone (this does not include other cryptocurrencies), Approximately $160 million in transfers were associated with various ransomware operators, as well as darknet markets, other criminal scams, and “high risk” exchanges.
On October 22, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) determined to impose sanctions on five distinct Iranian entities known to have attempted to conduct election interference on the US and its voters. These attempts include spreading disinformation and executing malign influence campaigns aimed to mislead
The U.S. Department of Treasure released an advisory today highlighting that ransomware payments could violate their Office of Foreign Assets Control (OFAC) sanction controls. This advisory drastically changes the dynamic for how companies are managing ransomware response including the payment of ransoms directly or through third party negotiators.
This is an advisory that every CISO, corporate executive, and board of directors member needs to read and understand to prevent criminal liability.