Security News > 2022 > March > Russia May Use Ransomware Payouts to Avoid Sanctions’ Financial Harm

Russia may ramp up ransomware attacks against the United States as a way to avoid sanctions levied against the nation and Vladimir Putin's government for its invasion of Ukraine, U.S. federal authorities are warning.

The Financial Crimes Enforcement Network issued a FinCEN Alert on Wednesday advising all financial institutions to remain vigilant against potential efforts to evade the expansive sanctions and other U.S.-imposed restrictions related to the current conflict.

Sanctions against persons who have financial operations in the Russian Federation, including Putin and Russia's Minister of Foreign Affairs Sergei Lavrov.

FinCEN now is urging financial institutions - including those with visibility into cryptocurrency or convertible virtual currency flows, such as CVC exchangers and administrators - to identify and report suspicious activity associated with potential sanctions evasion quickly and conduct an investigation where appropriate.

Because it is not regulated by typical financial currency laws in the United States, cryptocurrency has become a method of choice for cybercriminals to conduct transactions - including receiving payouts after ransomware attacks.

While cryptocurrency does provide privacy for storage and process transactions, "The transparency provided by blockchain could make the movement of large amounts of cryptocurrency detectable by law enforcement," she noted, citing how the Department of Justice was able to seize millions of dollars in Bitcoin that Colonial Pipeline paid to the DarkSide group after a highly disruptive ransomware attack last May. Indeed, another security professional expressed doubt that Russia could use ransomware payments or any other type of cryptocurrency transactions to evade U.S. sanctions "At any meaningful scale."

News URL

https://threatpost.com/russia-ransomware-payouts-avoid-sanctions/178854/