Two U.S. Treasury offices have issued payment guidelines for ransomware that they say pose a threat to national security. The Financial Crime Enforcement Network, or FinCEN, has reminded cryptocurrency processors of their obligation to file suspicious activity reports when they suspect their services are being used to make such payments to sanctioned persons:
These organizations include Digital Forensic and Incident Response (DFIR) and Electronic Insurance Companies (CICs). Some DFIR and CIC companies, as well as some MSBs offering CVC [convertible virtual currency], make it easier for cybercriminals to make ransom payments, often by taking customers’ cash directly, and exchanging it for CVC. He then transforms the CVC into accounts controlled by criminals. ”
The ads also indicate that while Bitcoin (BTC) remains the preferred currency for cybercriminals, there is a trend towards a more widespread use of privacy coins. Apparently, some criminals even offered discounts to those who chose the latter.
The IRS recently awarded Chainalysis and Integra FEC two contracts worth $ 625,000 to develop tools that help track the most elusive privacy coin, Monero (XMR).
A statement from the US Treasury Department of Foreign Assets Control (OFAC) highlighted that some of the largest ransomware attacks in recent times have been carried out by foreign actors. It asserts that funds received as a result of such activities may be used at the expense of the national security of the United States. The OFAC also confirmed that in addition to the list of sanctioned individuals with whom U.S. personnel are prohibited from trading, there are also certain countries and regions on the list. Financial service providers who choose to ignore these restrictions may be penalized.
Delivered every Friday
Jointly, you accept us
Many cybersecurity experts have said for many years that the only way to end malware attacks is to stop paying the ransom. Emisoft malware lab risk analyst Brett Kilo told Cointelegraph:
The important thing is that the ransom should stop. These attacks happen for one reason or another: because some companies pay criminals. If no one pays the criminals, there will be no more extortionists. Simply. ”
However, this appears to be the first serious attempt by the United States government to clamp down on these payments and those who contribute to them.