Dept. of Treasury Targets Virtual Currency Exchange for Laundering Cyber Ransoms

Seen this? The Dept. of the Treasury recently announced a set of actions to disrupt criminal networks and virtual currency exchanges responsible for laundering ransoms. According to the Treasury Department’s website:

“Ransomware attacks are increasing in scale, sophistication, and frequency, victimizing governments, individuals, and private companies around the world. In 2020, ransomware payments reached over $400 million, more than four times their level in 2019. The U.S. government estimates that these payments represent just a fraction of the economic harm caused by cyber-attacks, but they underscore the objectives of those who seek to weaponize technology for personal gain: to disrupt our economy and damage the companies, families, and individuals who depend on it for their livelihoods, savings, and futures.”

What is the Dept. of the Treasury actually doing?

It won’t come as a surprise that virtual currency (cryptocurrency) is the principal means of facilitating ransomware payments and associated money laundering activities. The US government has taken many steps to improve transparency regarding ransomware attacks and associated payments. To that end, Treasury’s recent actions include the Office of Foreign Assets Control’s designation of SUEX OTC, a virtual currency exchange, for its part in facilitating financial transactions for ransomware actors.

SUEX has facilitated illicit transactions from at least eight ransomware variants. Analysis of SUEX transactions shows that over 40% of SUEX’s transaction history involves illicit actors. Essentially, SUEX is providing material support to criminal ransomware actors.

Virtual currency exchanges such as SUEX are critical to the profitability of ransomware attacks, which help fund additional cybercriminal activity.

This is the first time the Treasury Dept. has taken this kind of action against a virtual currency exchange. It was executed with help from the FBI.

The US government stressed that most virtual currency activity is legitimate. However, the technology holds significant potential for criminal activity for obvious reasons.

For example, virtual currencies can be useful for illicit activity through peer-to-peer exchangers, mixers, and exchanges. This includes facilitating sanctions evasion, ransomware schemes, and other cybercrimes. Some virtual currency exchanges are exploited by outside malicious actors. But others, as is the case with SUEX, facilitate illicit activities for their own illicit gains.

So what does this actually mean?

To you, probably nothing. But as a result of all this, the US is blocking all SUEX properties that are subject to U.S. jurisdiction. Also, U.S. persons are generally prohibited from engaging in transactions with them.

Additionally, any entities 50% or more owned by one or more designated persons are also blocked. Not only that, financial institutions and others engaging in certain transactions or activities with SUEX and those associated with it may expose themselves to sanctions or law enforcement action. In other words, if you have anything to do with the SUEX cryptocurrency exchange, you might want to stop.

Good time for a sales pitch

A couple of facts: ransomware attacks are up a staggering 151% from last year. And, last year, only 8% of ransomware victims got all their data back after paying the ransom. So, since ransomware is not a problem we can seemingly avoid forever or buy our way out of, arming ourselves in advance is the sensible option.

Two of our effective, affordable solutions are FortiEDR and Sophos Intercept X.

FortiEDR

Fortinet FortiEDR actually understands the behavior of ransomware and similar high-speed attacks, and when it sees something suspicious, it doesn’t wait, it reacts.

It delivers advanced, real-time threat protection for endpoints. With unique code-tracing technology, FortiEDR defuses and disarms threats in real time. Not only that, FortiEDR proactively discovers and mitigates the endpoint attack surface. And it actually becomes smarter over time to better spot and stop threats. FortiEDR also provides real-time post-infection protection.

Sophos Intercept X

Sophos Intercept X repeatedly rates among the world’s best endpoint protection in numerous independent tests, against things like ransomware, malware, and viruses. It comes in several versions, like Advanced, Advanced with MTR, and Advanced with XDR.

And all of them feature Deep Learning technology that detects known and unknown malware, Synchronized Security that shares data automatically with other Sophos solutions and responds accordingly, and Active Adversary Mitigations that stop ransomware, malware, exploits, viruses, and a lot of other things.

Advanced malware can help itself to your data or encrypt your files within seconds. If you don’t react immediately, the fight is over and you’ve lost. Why not email us, or call 877-449-0458? We can get you securely set up with an affordable solution you can’t afford to be without. We can’t wait to serve you!