The Biden administration on Tuesday will unveil sanctions against a cryptocurrency exchange over its alleged role in enabling illegal payments from ransomware attacks, officials said, part of a broader bid to crack down on the growing threat.
The Treasury Department accuses Suex OTC, S.R.O. of facilitating transactions involving illicit proceeds for at least eight ransomware variants, marking its first such move against a virtual currency exchange over ransomware activity.
“Exchanges like Suex are critical to attackers’ ability to extract profits from ransomware attackers,” Treasury Deputy Secretary Wally Adeyemo said in a call with reporters previewing the announcement. “Today’s action is a signal of our intention to expose and disrupt the illicit infrastructure using these attacks.”
Hackers use ransomware to take down systems that control everything from hospital billing to manufacturing. They stop only after receiving hefty payments, typically paid in cryptocurrency.
Attacks are increasing in scale, sophistication and scope, the Treasury said. In 2020 ransomware payments reached over $400 million, more than four times the level in 2019, Anne Neuberger, deputy national security adviser for cyber, told reporters on the call.
The officials said the administration is also updating guidance on sanctions to encourage victims of ransomware attacks to share information with law enforcement.
The Treasury said an analysis of known Suex transactions shows that over 40% of them involved illicit actors. While some exchanges are exploited by bad actors, others like Suex, “facilitate illicit activities for their own illicit gains,” the agency added in a release.
The sanctions, included in a 2015 executive order targeting cyber criminals, block Suex’s access to all US property and prohibit Americans from transacting with the company.
Suex OTC is a private company based in the Czech Republic, according to Refinitiv’s Eikon.
