Do government sanctions against ransomware groups work?
Reading Time: 2 minutesEarlier this year, the U.S. government imposed sanctions against Russian national Mikhail Matveev, an FBI most-wanted cybercriminal, who authorities accuse of being a ‘prolific ransomware affiliate’ involved in cyberattacks in the United States and overseas.
Authorities say Matveev played a major role in the development and deployment of the Hive, LockBit and Babuk ransomware variants, and is said to have ties to the notorious Conti hacking group. Matveev was allegedly involved in the high-profile ransomware attack on Costa Rica, which sought a $20 million ransom demand (and the overthrowing of the government), and claimed responsibility for a 2021 cyberattack on Washington, D.C.’s police department.
Ransomware attacks are at an all-time high and increasingly target vulnerable public sector organizations, like schools and hospitals, which only add to the urgency of getting critical networks and systems up and running again. There are no laws in the U.S. that ban ransom payments, but the FBI has long advised victims not to pay, for fear of helping hackers profit from ransomware and encouraging further cyberattacks.
That’s where sanctions come in.
Sanctions are an important weapon in the U.S. government’s bureaucratic armory against ransomware groups (and other hacking groups), who are often out of reach of U.S. indictments or arrest warrants. Sanctions, which are issued by the U.S. Treasury’s Office of Foreign Assets Control, make it illegal for U.S. businesses or individuals to transact with a sanctioned entity, such as Matveev, a tactic aimed at barring American victims from paying the sanctioned hacker’s ransom demands.
But ransomware gangs are also trying to stay ahead. Some ransomware gangs, which have rebranded or switched-up tactics in an effort to avoid sanctions, are on track to have one of their most profitable years during 2023, according to data from Homeland Security.
Sanctions aren’t perfect
Does that mean that sanctions aren’t working? Not exactly. While sanctions are by no means perfect against ransomware gangs, sanctions undoubtedly make it harder for criminal organizations to profit from launching cyberattacks.
There’s also the risk that sanctions could be driving the wrong behavior. By making it illegal to make a ransomware payment to a sanctioned entity or country — even if the victim was unaware of the sanctions — victim organizations might conceal the incident and subsequent payment without notifying the authorities.
Violating sanctions can be costly for Americans, leading to hefty fines and criminal prosecution. Those consequences alone ‘should be enough to encourage victims not to pay, effectively taking funds away from the sanctioned individuals or groups,’ said Crystal Morin, cybersecurity strategist at cloud security firm Sysdig.
It may seem like sanctions against ransomware actors aren’t making a significant impact, but they are undoubtedly a step in the right direction — and one that only benefits from greater international collaboration to combat the global ransomware threat.
Reference: https://techcrunch.com/2023/11/02/government-sanctions-ransomware-effective/
Ref: techcrunch
MediaDownloader.net -> Free Online Video Downloader, Download Any Video From YouTube, VK, Vimeo, Twitter, Twitch, Tumblr, Tiktok, Telegram, TED, Streamable, Soundcloud, Snapchat, Share, Rumble, Reddit, PuhuTV, Pinterest, Periscope, Ok.ru, MxTakatak, Mixcloud, Mashable, LinkedIn, Likee, Kwai, Izlesene, Instagram, Imgur, IMDB, Ifunny, Gaana, Flickr, Febspot, Facebook, ESPN, Douyin, Dailymotion, Buzzfeed, BluTV, Blogger, Bitchute, Bilibili, Bandcamp, Akıllı, 9GAG