U.S. Treasury puts crypto industry on notice over rising ransomware attacks

FILE PHOTO: The U.S. Treasury building is seen in Washington, September 29, 2008. REUTERS/Jim Bourg

By Daphne Psaledakis

WASHINGTON (Reuters) – Suspected ransomware payments totaling $590 million were made in the first six months of this year, more than the $416 million reported for the whole of 2020, U.S. authorities said on Friday, as Washington put the cryptocurrency industry on alert about its role in combating ransomware attacks.

The U.S. Treasury Department said the average amount of reported ransomware transactions per month in 2021 was $102.3 million, with REvil/Sodinokibi, Conti, DarkSide, Avaddon, and Phobos the most prevalent ransomware strains reported.

President Joe Biden has made the government’s cybersecurity response a top priority for the most senior levels of his administration following a series of attacks this year that threatened to destabilize U.S. energy and food supplies.

Seeking to stop the use of crypto currencies in the payment of ransomware demands, Treasury told members of the crypto community they are responsible for making sure they do not “directly or indirectly” help facilitate deals prohibited by U.S. sanctions.

Its new guidance said the virtual currency industry plays an increasingly critical role in preventing those blacklisted from exploiting virtual currencies to evade sanctions.

“Treasury is helping to stop ransomware attacks by making it difficult for criminals to profit from their crimes, but we need partners in the private sector to help prevent this illicit activity,” Deputy Treasury Secretary Wally Adeyemo said in a statement.

The new guidance also advised virtual currency exchanges to use geolocation tools to block access from countries under U.S. sanctions.

Hackers use ransomware to take down systems that control everything from hospital billing to manufacturing. They stop only after receiving hefty payments, typically in cryptocurrency.

This year, gangs have hit numerous U.S. companies in large scale hacks. One such attack on pipeline operator Colonial Pipeline led to temporary fuel supply shortages on the U.S. East Coast. Hackers also targeted an Iowa-based agricultural company, sparking fears of disruptions to grain harvesting in the Midwest.

The Biden administration last month unveiled sanctions against cryptocurrency exchange Suex OTC, S.R.O. over its alleged role in enabling illegal payments from ransomware attacks, officials said, in the Treasury’s first such move against a virtual currency exchange over ransomware activity.

(Reporting by Chris Sanders, Chris Bing and Daphne Psaledakis; Editing by Chizu Nomiyama and Daniel Wallis)

Leave a Reply