In the wake of significant ransomware attacks, President Biden has sanctioned cryptocurrency exchange Suex in a clear attempt to prevent ransomware payments. Credit: Metamorworks / Nature / Getty Images The Biden administration has introduced new sanctions against cryptocurrency exchange Suex to stifle revenue for ransomware groups. Suex, which has been accused by US officials of doing business with ransomware actors in the past, has had its access to US markets cut off as a result. The Treasury Department has also updated guidance to US businesses on paying ransoms to cybercriminals, saying that it “strongly discourages” such action.Cryptocurrency sanctions a reaction to significant ransomware attacksThe move comes in the wake of the significant ransomware attack against Colonial Pipeline – the largest fuel pipeline in the United States – in May. Carried out by the Russian-linked Darkside ransomware group, the attack forced Colonial Pipeline to take systems offline and halt all pipeline operations. The fallout was so significant that the Biden administration issued emergency waivers in response, lifting limits on the transportation of fuels by road as fears of shortages begin to put upward pressure on oil and gas prices.According to a Bloomberg report, Colonial Pipeline handed over almost $5 million to the attackers for decryption of its data, some of which was subsequently recovered by the Justice Department in June. Despite paying the ransom, it took Colonial Pipeline several days to get operations back to normal. Earlier this week, New Cooperative, a grain distributor with 60 locations in Iowa, fell victim to a large ransomware attack by a Russian-speaking group known as BlackMatter. The attackers are believed to have requested almost $6 million for the release of the data, although this is unconfirmed by New Cooperative. An investigation into the incident it ongoing. Impact of preventing ransomware paymentsThe new sanctions against Suex, a platform that offers an easy and often difficult to trace way to buy and exchange cryptocurrency, are an effort by the Biden administration to prevent ransomware payments that encourage actors to carry out further attacks against US companies. Commenting to reporters ahead of the announcement, Treasury Deputy Secretary Wally Adeyemo said, “Exchanges like Suex are critical to attackers’ ability to extract profits from ransomware attackers,” adding that the action “is a signal of our intention to expose and disrupt the illicit infrastructure using these attacks.”However, John Bambenek, principal threat hunter at Netenrich, questions whether the move will have any material impact on the proliferation of ransomware. “Attempting to stop ransom payments didn’t help the kidnapping problem we saw in South America a couple of decades ago, and it’s not likely to help much here either,” he tells CSO. “Sanctions against providers may make a degree of sense as long as the more honest providers are able, willing, and incentivized to report bad behavior on their platforms. What is more important in stopping ransomware is finding those involved and getting them brought to justice, and these kinds of actions could actually impair intelligence collection on those bad actors.” Related content news analysis SEC rule for finance firms boosts disclosure requirements Amendments to Regulation S-P requires broker-dealers, investment companies, registered investment advisers, and transfer agents to disclose incidents to customers. By Evan Schuman May 17, 2024 5 mins Data Breach Financial Services Industry Data Privacy feature DDoS attacks: Definition, examples, and techniques Distributed denial of service (DDoS) attacks have been part of the criminal toolbox for over twenty years, and they’re only growing more prevalent and stronger. By Josh Fruhlinger May 17, 2024 10 mins DDoS Cyberattacks news FCC proposes BGP security measures Protecting the Border Gateway Protocol is as important as protecting the border. By Gyana Swain May 17, 2024 1 min Regulation Network Security news US AI experts targeted in cyberespionage campaign using SugarGh0st RAT Threat actors use phishing techniques to obtain non-public information about generative artificial intelligence. By Lucian Constantin May 16, 2024 4 mins Phishing Data and Information Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe