Biden Administration Announces First Ever Sanctions Against Cryptocurrency Exchange

The Biden Administration announced they are imposing the first ever cryptocurrency exchange sanctions on SUEX OTC, S.R.O (SUEX) for laundering cyber ransoms. 

The U.S. Treasury Department (Treasury) announced the first virtual currency exchange sanctions on Tuesday, September 21 against SUEX, a private company based in the Czech Republic. The Treasury believes SUEX knowingly enabled financial transactions involving illegal funds for at least eight ransomware variants with over 40 percent of their transactions coming from unlawful actors. In an official press release, Treasury touted the sanction as an important step in the fight against ransomware.

“Virtual currency exchanges such as SUEX are critical to the profitability of ransomware attacks, which help fund additional cybercriminal activity. Treasury will continue to disrupt and hold accountable these entities to reduce the incentive for cybercriminals to continue to conduct these attacks. This action is the first sanctions designation against a virtual currency exchange and was executed with assistance from the Federal Bureau of Investigation.”

"Exchanges like (SUEX) are critical to attackers' ability to extract profits from ransomware attackers," Treasury Deputy Secretary Wally Adeyemo added.  “(The sanction) is a signal of our intention to expose and disrupt the illicit infrastructure using these attacks."

According to Engadget the sanctions suspend SUEX’s access to their direct and indirect interests in property covered by U.S. jurisdiction and extends to any entity where SUEX owns a controlling stake, as well as prevent banks and people from a defined set of transactions.

Treasury further described the sanctions as “…all property and interests in property of the designated target that are subject to U.S. jurisdiction are blocked, and U.S. persons are generally prohibited from engaging in transactions with them. Additionally, any entities 50% or more owned by one or more designated persons are also blocked. In addition, financial institutions and other persons that engage in certain transactions or activities with the sanctioned entities and individuals may expose themselves to sanctions or be subject to an enforcement action. Today’s action against SUEX does not implicate a sanctions nexus to any particular Ransomware-as-a-Service (RaaS) or variant.”

The sanctions are another step in the Biden Administration’s commitment to strengthen the nation’s cybersecurity, specifically attacking the ever-prevalent ransomware threats that continue to target critical infrastructure and supply chain providers.  

One important aspect of the news is that the sanctions are not a reflection of cryptocurrency or exchanges, rather the use of them. With the rise in acceptance of crypto as a mainstream currency and investment (we all remember Dogecoin going to the moon, right?), understanding that the sanctions are focused on illegal activity, not virtual currencies is paramount. Just like paper money, as long as funds are not being laundered or used for anything illegal, law enforcement and the government should have no interest.

As the recent failed FBI REvil sting demonstrates, capturing the actual ransomware gangs behind the attacks may be near impossible (especially when most are in foreign countries). The sanction shows that the U.S. government is open to getting creative in their approach to dismantling cyber criminals, in this case simply going after their ability to profit from the attacks. 

“As cyber criminals use increasingly sophisticated methods and technology, we are committed to using the full range of measures, to include sanctions and regulatory tools, to disrupt, deter, and prevent ransomware attacks,” said Treasury Secretary Janet L. Yellen.

The Treasury also announced an Updated Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments from the Office of Foreign Assets Control (OFAC).

The full press release is available at https://home.treasury.gov/news/press-releases/jy0364. 

Related Links

• Google and Microsoft Announce $30B Cybersecurity Investment at White House Summit
• White House Issues Executive Order on Cybersecurity

About Schneider Downs Cybersecurity

The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. For more information, visit www.schneiderdowns.com/cybersecurity or contact the team at [email protected].

In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.