The US Treasury Department has announced a crackdown on the use of digital currencies in ransomware attacks and other financial crimes, including its first-ever sanctions against a crypto exchange.
The US Treasury Department has announced a crackdown on the use of digital currencies in ransomware attacks and other financial crimes, including its first-ever sanctions against a crypto exchange.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
<p>This is outstanding news for global companies that face growing numbers of ever-more-complex ransomware attacks, particularly new cyberattacks techniques that combine ransomware, data exfiltration and Distributed Denial of Service (DDoS), to perpetrate \"triple extortion\" attacks on vulnerable organisations. For several decades, financial transfers by criminal entities that leverage traditional payment methods such as wire transfers and large cash deposits have been illegal, and have been monitored very closely by the US government. Unfortunately, that oversight drove cybercriminals to cryptocurrency payment platforms, which have occasionally served as safe havens for their nefarious ransom payments. Finally, I agree with the US Treasury Department that most cryptocurrency transactions are legal and legitimate, so it\’s promising to see that the industry\’s \"bad apples\" will be identified and sanctioned.</p>
<p>The latest sanctions from the U.S. Treasury Department aimed at disrupting the financial supply chain for cryptocurrency-based ransomware payments are a welcome development — but unfortunately they are unlikely to slow down what is an ever growing wave of ransomware attacks.</p>
<p>The reason cryptocurrency is favoured by criminals is because it is difficult – though not impossible – to track. Bad actors are simply looking for the path of least resistance with the greatest reward. Sanctions like these are positive but at this stage they will not deter attackers, who can still easily use different exchanges or payment methods.</p>
<p>To truly combat these malicious actors and minimise successful ransomware attacks, it is critical that organisations address the source and prevent them (rather than react).</p>
<p>Ransomware attacks demonstrate that a traditional castle-and-moat approach to network security leaves organisations exposed. Zero trust security sees the world differently and is the approach that needs to be adopted. It means that no one is trusted by default, regardless of whether they are inside or outside a network. In a world where data can be held amongst multiple cloud providers it is crucial to strengthen all processes relating to access verification. Without a zero trust approach, organisations run the risk of attackers having a free reign across a network once they are inside.</p>
<p>This is the first time a specific cryptocurrency exchange has been targeted by a government in an effort to thwart ransomware payment washing.</p>
<p>Hitting the criminals where it hurts is the intention, and given the statistics behind the usage of the Suex cryptocurrency exchange to launder illicit funds, it appears to be well justified. Whether it will work in practice will be interesting to observe.</p>
<p>Such is the nature of cryptocurrencies; applying solid centralised rules to the decentralised network doesn’t fit nicely – and likely never will.</p>
<p>Criminals could potentially use loopholes against the sanctions like proxy addresses and cold storage wallets to avoid the “US entity” stipulation, or they could even turn to one of the many other cryptocurrency exchanges that are available. This means that , regardless of the good intentions, there will likely still be many options for criminals to continue cashing out their stolen funds in the future.</p>