In the wake of significant ransomware attacks, President Biden has sanctioned cryptocurrency exchange Suex in a clear attempt to prevent ransomware payments. Credit: Metamorworks / Nature / Getty Images The Biden administration has introduced new sanctions against cryptocurrency exchange Suex to stifle revenue for ransomware groups. Suex, which has been accused by US officials of doing business with ransomware actors in the past, has had its access to US markets cut off as a result. The Treasury Department has also updated guidance to US businesses on paying ransoms to cybercriminals, saying that it “strongly discourages” such action.Cryptocurrency sanctions a reaction to significant ransomware attacksThe move comes in the wake of the significant ransomware attack against Colonial Pipeline – the largest fuel pipeline in the United States – in May. Carried out by the Russian-linked Darkside ransomware group, the attack forced Colonial Pipeline to take systems offline and halt all pipeline operations. The fallout was so significant that the Biden administration issued emergency waivers in response, lifting limits on the transportation of fuels by road as fears of shortages begin to put upward pressure on oil and gas prices.According to a Bloomberg report, Colonial Pipeline handed over almost $5 million to the attackers for decryption of its data, some of which was subsequently recovered by the Justice Department in June. Despite paying the ransom, it took Colonial Pipeline several days to get operations back to normal. Earlier this week, New Cooperative, a grain distributor with 60 locations in Iowa, fell victim to a large ransomware attack by a Russian-speaking group known as BlackMatter. The attackers are believed to have requested almost $6 million for the release of the data, although this is unconfirmed by New Cooperative. An investigation into the incident it ongoing. Impact of preventing ransomware paymentsThe new sanctions against Suex, a platform that offers an easy and often difficult to trace way to buy and exchange cryptocurrency, are an effort by the Biden administration to prevent ransomware payments that encourage actors to carry out further attacks against US companies. Commenting to reporters ahead of the announcement, Treasury Deputy Secretary Wally Adeyemo said, “Exchanges like Suex are critical to attackers’ ability to extract profits from ransomware attackers,” adding that the action “is a signal of our intention to expose and disrupt the illicit infrastructure using these attacks.”However, John Bambenek, principal threat hunter at Netenrich, questions whether the move will have any material impact on the proliferation of ransomware. “Attempting to stop ransom payments didn’t help the kidnapping problem we saw in South America a couple of decades ago, and it’s not likely to help much here either,” he tells CSO. “Sanctions against providers may make a degree of sense as long as the more honest providers are able, willing, and incentivized to report bad behavior on their platforms. What is more important in stopping ransomware is finding those involved and getting them brought to justice, and these kinds of actions could actually impair intelligence collection on those bad actors.” Related content news Google launches Google Threat Intelligence at RSA Conference The new addition to Google Cloud Security is designed to give security teams information to inform approaches to protecting against external threats, managing attack surfaces, and mitigating digital risks. By Sascha Brodsky May 06, 2024 4 mins Google Cloud Functions Cloud Security Security Software brandpost Sponsored by Elastic Search + RAG: The 1-2 punch transforming the modern SOC with AI-driven security analytics AI is modernizing how SOCs function, triaging countless alerts down to a handful of attacks that matter most. By Mike Nichols, Product for Security at Elastic May 06, 2024 3 mins Artificial Intelligence how-to Download the Zero Trust network access (ZTNA) enterprise buyer’s guide From the editors of our sister publication Network World, this enterprise buyer’s guide helps network and security IT staff understand what ZTNA can do for their organizations and how to choose the right solution. By Josh Fruhlinger and steve_zurier May 06, 2024 1 min Zero Trust Access Control Network Security news Germany blames Russian hackers for months-long cyber espionage The attacks by Russia-backed Fancy Bear used an Outlook exploit to compromise several German officials’ accounts. By Shweta Sharma May 06, 2024 4 mins Advanced Persistent Threats Hacker Groups PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe