Maze ransomware hits U.S nuclear contractor: data leaked

Following a U.S nuclear contractor Maze ransomware attack , two offices of the US Treasury Department have issued advisories against ransomware pay-outs and state that they pose a threat to US national security.

The Financial Crimes Enforcement Network (FCEN) has reminded crypto-processing companies of their obligation to file suspicious activity reports when they are led to believe that their services are being used in a dubious manner.

The communication also noted that while Bitcoin (BTC) remains the particular favourite of cybercriminals, there is an emerging tendency towards using private coins with some of these companies – even offering discounted rates for using the privacy option.

The Treasury Office of Foreign Assets Control’s (OFAC) statement has reiterated that several of the largest ransomware attacks have been conducted by foreign criminals. It warned in the strongest terms possible, that the finances gained during perpetration of these crimes might be used to the detriment of U.S. National safety.

OFAC also reiterated that as well as having a list of already sanctioned individuals – with whom United States’ citizens are banned from using for their crypto transactions – there are also several countries that are on the ban list. Financial service providers who choose to blatantly ignore the banning notices will also be heavily penalized.

Industry leading cybersecurity experts have warned in recent years that there is only one way to prevent malware attacks. This involves refusing to pay any of the ransom demands, thus reducing the attraction to criminals.

“Critically, ransoms must stop being paid. Attacks like this happen for one reason and one reason only: because some companies pay the criminals. If nobody paid the criminals, there’d be no more ransomware. It’s that simple.”

Brett Callow, Emisoft – threat analyst

This would appear to be the first serious attempt by the US Government to enforce action against these cybercriminals and to significantly restrict any payments they receive. It looks likely that the US will step up their efforts in the coming months to reinforce their position in the continuing war against cyber-terrorism.