The US government is gearing up to penalise hackers who have extorted millions of dollars in digital currency from major US firms through ransomware attacks, The Wall Street Journal said quoting people familiar with the matter. The treasury department plans to impose sanctions that will disrupt the revenue source of ransomware attackers as soon as next week.
In a ransomware attack, a hacker accesses a company’s computer system and uses malware to encrypt their data. The hacker decrypts the data only on payment of a ransom, which is mostly done in digital currency like Bitcoin as they are difficult to trace.
In recent years, ransomware attacks have risen in number and become a thriving business, threatening critical infrastructures such as power operators, hospitals and banks.
'Dogefather' Elon Musk tweets Floki Inu to new heights: All you need to know about crypto world's new sensation
According to a study by cybersecurity firm Sophos, the average total cost of recovery from a ransomware attack has increased $1.85 million in 2021 from $761,106 in 2020. The average ransom paid to hackers is $170,404, says the UK-based firm.
The US government is planning to issue fresh guidance to businesses on how to avoid making ransomware payments. It also plans to limit the use of cryptocurrency for making ransom payments by enacting new anti-money laundering and terror finance rules by the end of this year.
To effectively choke illicit crypto payments, the treasury department is likely to single out specific targets such as digital wallets that receive ransom transactions.
It would also have to target crypto platforms that cybercriminals use to exchange a set of blockchain coins for another. People who manage these operations will also come under the radar, analysts told The Wall Street Journal. The treasury department declined to comment on this and has not yet made any formal announcement on the issue.
Government agencies have already penalised individuals and companies for facilitating illicit payments through cryptocurrencies. In October 2020, the Treasury’s Office of Foreign Assets Control warned victims of attacks and others of the risks of making ransomware payments, saying it was a violation of US laws.
"Paying a ransom may embolden adversaries to target additional organisations, encourage other criminal actors to engage in the distribution of ransomware, and/or may fund illicit activities," the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency had said in August this year.
Also read: This Shark Tank celebrity investor wants to double his crypto holdings, calls for US regulation
The ransomware threat caught eyeballs when an alleged Russian hacking group called DarkSide launched a ransomware attack against Colonial Pipeline in May this year, disrupting fuel distribution in several states. The Colonial Pipeline is one of the largest fuel pipelines in the US. It paid $4.4 million to the hackers to retrieve official data.
The array of actions by the Biden administration is one of the most significant attempts to curb the digital finance ecosystem of traders, exchanges and individuals, which has incentivised ransomware attacks in recent years.
"An action of this kind would be an aggressive, proactive approach to going after those who facilitate ransomware payments," Ari Redbord, a former senior treasury security official, told The Wall Street Journal.
The government is also planning to internationalise the fight against ransomware attackers. The Group of Seven (G7) nations also pledged to collectively act against illicit crypto payments.
(Edited by : Jomy Jos Pullokaran)