Joe Biden Sanctions Crypto Institutions Involved With Ransomware Gangs

JAKARTA - The Joe Biden administration on Tuesday, September 2 launched sanctions against cryptocurrency exchanges for their alleged role in enabling illegal payments from ransomware attacks. According to sources at the White House, this decision is part of a wider crackdown on the growing threat.

The Treasury Department accused Suex OTC, SRO of facilitating transactions involving illicit proceeds for at least eight ransomware variants. This is the US government's first move against a virtual currency exchange agency for ransomware activity.

"Exchanges like Suex are critical to an attacker's ability to take advantage of ransomware attackers," Deputy Treasury Secretary Wally Adeyemo said in a press conference with reporters who saw the announcement late Monday. "That action is a signal of our intent to expose and disrupt illicit infrastructure using this attack."

Hackers use ransomware to wipe out systems that control everything from hospital billing to manufacturing. They stop only after receiving a large payout, usually in cryptocurrency.

This year, the ransomware gang has attacked many important companies in the US in large-scale hacking. One such attack on pipeline operator Colonial Pipeline caused a temporary fuel shortage on the US East Coast. The hackers also targeted an Iowa-based agricultural company, sparking fears of disruption to wheat harvests in the Midwest.

Anne Neuberger, deputy national security adviser for cyberspace, told reporters by telephone that in 2020 ransomware payments totaled more than 400 million US dollars (Rp 5.7 trillion), more than four times compared to 2019.

The threat has grown so prominent that US President Joe Biden reportedly told Russian President Vladimir Putin during a meeting in July that "critical infrastructure" companies should be banned for ransomware gangs. Such groups often operate from Russia or Ukraine, according to cybersecurity experts and federal prosecutors.

Officials contacted said the government updated guidance on sanctions to encourage victims of ransomware attacks to share information with law enforcement.

The Treasury Department said analysis of known Suex transactions showed that more than 40% of them involved illegal actors. While some exchanges are exploited by bad actors, others like Suex, by "facilitating illicit activities for their own illicit gain," the agency added in the release.

“Malicious cryptocurrency exchanges have long been key to the ransomware gang,” said Tom Robinson, chief scientist and co-founder of blockchain analytics firm Elliptic in an emailed statement. "This action by the US government sends a clear signal that it will not tolerate this activity, wherever it may be."

The sanctions, including in a 2015 executive order targeting cybercriminals, block Suex's access to all US property and bar Americans from transacting with the company.

Suex OTC is a private company based in the Czech Republic, according to Refinitiv's Eikon.