In the wake of significant ransomware attacks, President Biden has sanctioned cryptocurrency exchange Suex in a clear attempt to prevent ransomware payments. Credit: Metamorworks / Nature / Getty Images The Biden administration has introduced new sanctions against cryptocurrency exchange Suex to stifle revenue for ransomware groups. Suex, which has been accused by US officials of doing business with ransomware actors in the past, has had its access to US markets cut off as a result. The Treasury Department has also updated guidance to US businesses on paying ransoms to cybercriminals, saying that it “strongly discourages” such action.Cryptocurrency sanctions a reaction to significant ransomware attacksThe move comes in the wake of the significant ransomware attack against Colonial Pipeline – the largest fuel pipeline in the United States – in May. Carried out by the Russian-linked Darkside ransomware group, the attack forced Colonial Pipeline to take systems offline and halt all pipeline operations. The fallout was so significant that the Biden administration issued emergency waivers in response, lifting limits on the transportation of fuels by road as fears of shortages begin to put upward pressure on oil and gas prices.According to a Bloomberg report, Colonial Pipeline handed over almost $5 million to the attackers for decryption of its data, some of which was subsequently recovered by the Justice Department in June. Despite paying the ransom, it took Colonial Pipeline several days to get operations back to normal. Earlier this week, New Cooperative, a grain distributor with 60 locations in Iowa, fell victim to a large ransomware attack by a Russian-speaking group known as BlackMatter. The attackers are believed to have requested almost $6 million for the release of the data, although this is unconfirmed by New Cooperative. An investigation into the incident it ongoing. Impact of preventing ransomware paymentsThe new sanctions against Suex, a platform that offers an easy and often difficult to trace way to buy and exchange cryptocurrency, are an effort by the Biden administration to prevent ransomware payments that encourage actors to carry out further attacks against US companies. Commenting to reporters ahead of the announcement, Treasury Deputy Secretary Wally Adeyemo said, “Exchanges like Suex are critical to attackers’ ability to extract profits from ransomware attackers,” adding that the action “is a signal of our intention to expose and disrupt the illicit infrastructure using these attacks.”However, John Bambenek, principal threat hunter at Netenrich, questions whether the move will have any material impact on the proliferation of ransomware. “Attempting to stop ransom payments didn’t help the kidnapping problem we saw in South America a couple of decades ago, and it’s not likely to help much here either,” he tells CSO. “Sanctions against providers may make a degree of sense as long as the more honest providers are able, willing, and incentivized to report bad behavior on their platforms. What is more important in stopping ransomware is finding those involved and getting them brought to justice, and these kinds of actions could actually impair intelligence collection on those bad actors.” Related content news CISA, FBI urge developers to patch path traversal bugs before shipping The advisory highlights how developers can follow best practices to fix these vulnerabilities during production. By Shweta Sharma May 03, 2024 3 mins Vulnerabilities news Microsoft continues to add, shuffle security execs in the wake of security incidents The company has appointed new product security chiefs as well as a customer-facing CISO as it continues to respond to high-profile attacks on its products and own network. By Elizabeth Montalbano May 03, 2024 4 mins CSO and CISO feature Malware explained: How to prevent, detect and recover from it What are the types of malware? How does malware spread? How do you know if you’re infected? We've got answers. By Josh Fruhlinger May 03, 2024 18 mins Ransomware Phishing Malware brandpost Sponsored by Cyber NewsWire LayerX Security Raises $26M for its Browser Security Platform, Enabling Employees to Work Securely from Any Browser, Anywhere Early adoption by Fortune 100 companies worldwide, LayerX already secures more users than any other browser security solution and enables unmatched security, performance and experience By Cyber NewsWire May 02, 2024 4 mins Cyberattacks Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe