Malware payouts from insurance companies pose a threat to U.S. national security.
Two offices of the U.S. Department of the Treasury have issued
advisories on ransomware payouts, which they say pose a threat to
national security. The Financial Crimes Enforcement Network or FinCen reminded cryptocurrency processing companies of their duty to file suspicious activity reports when they have a reason to suspect that their services are being engaged for such payouts to sanctioned individuals:
“Among
these entities are digital forensics and incident response (DFIR)
companies and cyber insurance companies (CICs). Some DFIR companies and
CICs, as well as some MSBs that offer CVCs [convertible virtual
currency], facilitate ransomware payments to cybercriminals, often by
directly receiving customers’ fiat funds, exchanging them for CVC, and
then transferring the CVC to criminal-controlled accounts.”
The announcements also note that while Bitcoin (BTC)
remains the favorite currency of the cybercriminals, there is a trend
toward greater use of privacy coins. Apparently, some criminals have
even offered a discount to those who chose the latter.
Recently, the IRS awarded two $625,000 contracts to Chainalysis and Integra FEC to develop tools that would help track the most elusive privacy coin, Monero (XMR).
The Treasury Office of Foreign Assets Control's (OFAC) statement emphasizes
that some of the biggest ransomware attacks of the recent past were
perpetrated by foreign actors. It stressed that the funds received as a
result of such activity could be used to the detriment of U.S. national
security. OFAC also restated that in addition to having a list of
sanctioned individuals with whom U.S. persons are prohibited from
transacting, there are certain countries and regions that are on the
list as well. Financial service providers who choose to ignore those
restrictions may be penalized.
Many
cybersecurity experts have been saying for years that the only way to
put an end to malware attacks is to stop paying the ransom. A threat
analyst at malware lab Emisoft, Brett Callow told Cointelegraph:
“Critically,
ransoms must stop being paid. Attacks like this happen for one reason
and one reason only: because some companies pay the criminals. If nobody
paid the criminals, there’d be no more ransomware. It’s that simple.”
Yet,
it appears to be the first serious attempt by the U.S. government to
crack down on these payouts and on those who facilitate them.
source link : https://cointelegraph.com/news/us-treasury-warns-crypto-firms-not-to-reimburse-unknown-ransomware-victims
