Report: Biden administration to roll out sanctions targeting ransomware payments

The Biden administration reportedly plans to roll out sanctions aimed at disrupting hackers’ ability to collect ransomware payments using cryptocurrency.

The Wall Street Journal reported the plans today, citing sources familiar with the matter.

The sources believe that the sanctions could be implemented as early as next week by the U.S. Treasury Department. The sanctions are expected to be imposed on “specific targets” rather than the entire cryptocurrency ecosystem. Additionally, the Treasury Department is reportedly preparing to release new guidance that will warn businesses they could face fines and other penalties over involvement in ransomware payments.

According to analysts who spoke to the Journal, effectively limiting hackers’ ability to collect ransomware payments would require the Treasury Department to focus on several areas in particular. The analysts believe that the sanctions would have to target cryptocurrency wallets used by hackers to process ransomware payments, the platforms they leverage to make payments difficult to trace and the people who own and operate those platforms.

The planned sanctions are reportedly aimed at deterring entities involved in the ransomware ecosystem from continuing to facilitate payments to hackers. The sanctions, and the other actions said to be planned as part of the initiative, are described as the Biden administration’s most significant attempt yet to target the infrastructure powering ransomware transactions.

The move follows a series of ransomware attacks attributed to hacking groups in Russia. One of the highest-profile incidents was the cyberattack that targeted Colonial Pipeline Co. earlier this year, which caused the company to temporarily shut down its fuel pipeline.

The reported plan to target ransomware payments with sanctions is the latest in a series of steps taken by the Biden administration to improve cybersecurity. In May, following the Colonial Pipeline breach, President Joe Biden signed an executive order calling for a series of initiatives to bolster cybersecurity defenses in the U.S.

The  initiatives focus on, among other areas, implementing stronger cybersecurity standards in the federal government. Additionally, they emphasize enhancing how information on online threats is shared between the public and  private sectors. A third priority is securing the software supply chain: the executive order calls for the creation of “baseline security standards for development of software sold to the government.”

More recently, in August, Biden held a summit meeting at the White House with top business leaders to discuss national cybersecurity strategy.  The Chief Executive Officers of several major tech firms were among the participants. Microsoft Corp. committed to spending over $20 billion on cybersecurity over the next five years and Google LLC said it would invest $10 billion in zero-trust security programs during the same time frame.

Photo: Michael Pick / Flickr

A message from John Furrier, co-founder of SiliconANGLE:

Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.

Join Our Community

We are holding our third cloud startup showcase on Sept. 22. Click here to join the free and open Startup Showcase event.

“TheCUBE is part of re:Invent, you know, you guys really are a part of the event and we really appreciate your coming here and I know people appreciate the content you create as well” – Andy Jassy

We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.

NewsNow