UPDATED 20:23 EST / SEPTEMBER 21 2021

BLOCKCHAIN

Treasury Department sanctions Suex for processing ransomware payments

The U.S. Treasury Department today sanctioned a cryptocurrency exchange for its alleged role in processing ransomware payments.

The Treasury’s Officer of Foreign Assets Control said in a publication of updated ransomware advisory with a cyber-related designation that it had added Suex OTC S.R.O. (aka “Successful Exchange”) to its list of Specially Designated Nationals.

The SDN list includes individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries, as well as terrorists and narcotics traffickers. Any people or companies on the list has their assets blocked and U.S. persons are generally prohibited from dealing with them.

In the case of Suex, Treasury has targeted the company as part of a set of actions focused on disrupting criminal networks and virtual currency exchanges responsible for laundering ransoms.

Suex is claimed to facilitate financial transactions involving illicit proceeds from at least eight ransomware variants. Analysis of known Suex transactions shows that more than 40% of the exchange’s known transaction history is associated with illicit actors. As such, Suex has been designated an SDN pursuant to Executive Order 13694 for providing material support to the threat posed by criminal ransomware actors.

While noting that most cryptocurrency is not used for illicit purposes, the department did say that it will continue to use its authority against malicious cybersecurity actors. It would do so in conjunction with other departments and agencies, along with foreign partners, to “disrupt financial nodes tied to ransomware payments and cyberattacks.”

What’s missing from the Treasury Department is what forms of ransomware are involved. Also notably missing is an emphasis on Russia, despite Suex having an address in a major office tower in Moscow.

In July the Biden administration vowed to take action against Russia if linked to previous ransomware attacks. The administration also announced Sept. 17 that it was rolling out sanctions targeting ransomware payments. The announcement targeting Suex is the first time action in this manner has been taken.

“The U.S. government is using sanctions as a primary way to slow down the cryptocurrency exchanges,” James McQuiggan, security awareness advocate at security training company KnowBe4 Inc., told SiliconANGLE. “At the same time, those impacted by ransomware attacks could be those more impacted by these sanctions. Suppose they cannot utilize the crypto exchanges to pay the ransom based on their policies and procedures. In that case, these sanctions remove the ability to collect the decryption keys and prevent cybercriminals from exposing their data online.”

Image: Suex

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU