In the wake of significant ransomware attacks, President Biden has sanctioned cryptocurrency exchange Suex in a clear attempt to prevent ransomware payments. Credit: Metamorworks / Nature / Getty Images The Biden administration has introduced new sanctions against cryptocurrency exchange Suex to stifle revenue for ransomware groups. Suex, which has been accused by US officials of doing business with ransomware actors in the past, has had its access to US markets cut off as a result. The Treasury Department has also updated guidance to US businesses on paying ransoms to cybercriminals, saying that it “strongly discourages” such action.Cryptocurrency sanctions a reaction to significant ransomware attacksThe move comes in the wake of the significant ransomware attack against Colonial Pipeline – the largest fuel pipeline in the United States – in May. Carried out by the Russian-linked Darkside ransomware group, the attack forced Colonial Pipeline to take systems offline and halt all pipeline operations. The fallout was so significant that the Biden administration issued emergency waivers in response, lifting limits on the transportation of fuels by road as fears of shortages begin to put upward pressure on oil and gas prices.According to a Bloomberg report, Colonial Pipeline handed over almost $5 million to the attackers for decryption of its data, some of which was subsequently recovered by the Justice Department in June. Despite paying the ransom, it took Colonial Pipeline several days to get operations back to normal. Earlier this week, New Cooperative, a grain distributor with 60 locations in Iowa, fell victim to a large ransomware attack by a Russian-speaking group known as BlackMatter. The attackers are believed to have requested almost $6 million for the release of the data, although this is unconfirmed by New Cooperative. An investigation into the incident it ongoing. Impact of preventing ransomware paymentsThe new sanctions against Suex, a platform that offers an easy and often difficult to trace way to buy and exchange cryptocurrency, are an effort by the Biden administration to prevent ransomware payments that encourage actors to carry out further attacks against US companies. Commenting to reporters ahead of the announcement, Treasury Deputy Secretary Wally Adeyemo said, “Exchanges like Suex are critical to attackers’ ability to extract profits from ransomware attackers,” adding that the action “is a signal of our intention to expose and disrupt the illicit infrastructure using these attacks.”However, John Bambenek, principal threat hunter at Netenrich, questions whether the move will have any material impact on the proliferation of ransomware. “Attempting to stop ransom payments didn’t help the kidnapping problem we saw in South America a couple of decades ago, and it’s not likely to help much here either,” he tells CSO. “Sanctions against providers may make a degree of sense as long as the more honest providers are able, willing, and incentivized to report bad behavior on their platforms. What is more important in stopping ransomware is finding those involved and getting them brought to justice, and these kinds of actions could actually impair intelligence collection on those bad actors.” Related content news analysis Rise of zero-day exploits reshape security recommendations Research from Rapid7 shows a spike in zero-days contributing to quicker exploit timelines, leaving IT security teams under strain with a greater need for post-incident response. By Lucian Constantin May 22, 2024 7 mins Incident Response Zero-day vulnerability Security Practices opinion Reducing CSO-CIO tension requires recognizing the signs Given competing pressures and priorities, CIOs and CISOs often find themselves at odds. Knowing where tensions flair and how your partner operates is essential to maintaining a productive partnership. By David Gee May 22, 2024 6 mins CIO CSO and CISO IT Leadership brandpost Sponsored by Cyber NewsWire Memcyco Report Reveals Only 6% Of Brands Can Protect Their Customers From Digital Impersonation Fraud By Cyber NewsWire - Paid Press Release May 21, 2024 4 mins Cyberattacks Security opinion Employee discontent: Insider threat No. 1 CISOs who focus only on detection technology — and don’t engage with the human side of the security equation — are missing a key ingredient for insider risk management. By Christopher Burgess May 21, 2024 7 mins CSO and CISO Threat and Vulnerability Management Human Resources PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe