US To Target Crypto Ransomware Payments With Sanctions (wsj.com) 27
The Biden administration is preparing an array of actions, including sanctions [Editor's note: the link may be paywalled, alternative source], to make it harder for hackers to use digital currency to profit from ransomware attacks, WSJ reported Friday, citing people familiar with the matter. From the report: The government hopes to choke off access to a form of payment that has supported a booming criminal industry and a rising national security threat. The Treasury Department plans to impose the sanctions as soon as next week, the people said, and will issue fresh guidance to businesses on the risks associated with facilitating ransomware payments, including fines and other penalties. Later this year, expected new anti-money-laundering and terror-finance rules will seek to limit the use of cryptocurrency as a payment mechanism in ransomware attacks and other illicit activities.
The actions collectively would represent the most significant attempt yet by the Biden administration to undercut the digital finance ecosystem of traders, exchanges and other elements that cybersecurity experts say has allowed debilitating ransomware attacks to flourish in recent years. Senior officials have said ransomware attacks this year have grown more severe than ever and represent a serious threat to critical infrastructure, including power operators, hospitals and banks. The Treasury Department declined to comment and the people familiar with the matter declined to specify the targets of sanctions. But to effectively disrupt illicit crypto transactions, Treasury would need to target the digital wallets that receive ransom transactions, the crypto platforms that help exchange one set of blockchain coins for another to obscure the culprits and the people that own or manage those operations, according to analysts who specialize in such transactions.
The actions collectively would represent the most significant attempt yet by the Biden administration to undercut the digital finance ecosystem of traders, exchanges and other elements that cybersecurity experts say has allowed debilitating ransomware attacks to flourish in recent years. Senior officials have said ransomware attacks this year have grown more severe than ever and represent a serious threat to critical infrastructure, including power operators, hospitals and banks. The Treasury Department declined to comment and the people familiar with the matter declined to specify the targets of sanctions. But to effectively disrupt illicit crypto transactions, Treasury would need to target the digital wallets that receive ransom transactions, the crypto platforms that help exchange one set of blockchain coins for another to obscure the culprits and the people that own or manage those operations, according to analysts who specialize in such transactions.
Re: (Score:1)
A taxpayer-funded professional military is socialism. And if you ever served, you'd notice the institution of the USMC provides everything according to each one's need; from housing to food to medical care. There is even free day care for those with families living on base. THAT'S SOCIALISM
RIP Monero? (Score:2)
In theory atomic swaps could allow peer to peer bitcoin to monero trading without counterparty risk, but if Biden is serious enough exchanges might get forced to detect this and treat the Bitcoins as tainted.
Tainted Bitcoins might have always been an urban myth, but they can be made a reality.
Re: (Score:2)
Exchanges shouldn't have to do anything. Companies paying ransoms don't have large existing crypto holdings. When companies are moving big $$$ around to purchase crypto for ransoms, there are other methods of catching that on the banking side.
money laundering go after exchanges & IRS can' (Score:2)
money laundering we need to go after the exchanges and make it so that the IRS can't take it for tax payment. No you need to pay with cash and yes crypto pay is taxed.
Nothing will be done. Some PR, no real measures (Score:2)
Any attempt to target them will scupper a whole raft of "influence" programs. So this is just PR. Not happening any time soon or ever. The spice (err... Bitcoin) must flow.
Re: (Score:2)
If they succeed ... (Score:3)
Then what?
Only people who do not want to profit in cash will engage in such serious hacking. That will be State actors. Since they are likely to be unobstrusive, not tip their hands and be all cloak and daggery about it, we will welcome a brave new world, no hacking by thieves, but only by governments, industrial espionage agents, information stealers, ...
Re: (Score:2)
It'll be back to a pre-ransomware/extortionware-era cybercrime landscape. So more of the big hacks will be done by by state actors, while the smaller guys will go back to making money through adware and sketchy ad networks, or laundering smaller amounts of money through WU and money mules.
Re: (Score:2)
New! Exciting!! Brave New World!!!
Same as pusillanimous old world
Blacklist the wallets (Score:2)
Blacklist any coins coming out of those wallets.
Blacklist wallets owned by coin-tumbling services, and any coins coming out of those wallets.
That would make those coins effectively worthless.
Re: (Score:2)
Dirty money (Score:2)
So they could provide training and software to make backups easier, remove or reduce the internet surface of most devices (does your light bulb really need to connect to the internet?), create a public, secure messaging system with cryptographically secure identities (to make phishing much harder), and otherwise support all the thing security experts have been saying for decades...
But instead they're going to make it harder for people to do stuff with their own money in secret.
Re: (Score:2)
good (Score:2)
It's about damn TIME the feds stepped in.
There's a reason it's a crime to pay off kidnappers. It incentivizes the crime and ultimately makes things worse for everyone in general.
Everyone who coughs up a ransomware payment is effectively aiding and abetting every future crypto-attack by rewarding bad behavior.
Re: (Score:2)
Good. (Score:2)
Learn how to do a proper backup instead of enabling these ransomware assholes.
No new rules (Score:2)
When you rely on new rules this implicitly excuses past criminal behavior.
For example, Joseph Blount, CEO of Colonial Pipeline this year paid millions of dollars to finance terrorism by meeting ransomware demands for Bitcoin payment. That funding was directly used to support further terrorism.
It is not necessary to make a "don't fund terrorism, WITH COMPUTERS" law or policy when the existing "don't fund terrorism" law is good enough.
Compare that to people buying marijuana using Bitcoin. The USA federal gove