Trackers Say Sanctions Against Crypto Exchanges Are Working in Ransomware Fight

Historic sanctions against Russia-based cryptocurrency exchanges have had a desired effect, but robust enforcement of laws to counter money laundering internationally is needed to really thwart ransomware perpetrators, according to witnesses testifying before the Senate Homeland Security and Governmental Affairs Committee. 

“We have observed a winnowing down of the cash out destinations for illicit actors, including ransomware actors, mainly to offshore exchanges with little to no regulation and enforcement, which underscores our recommendation for enhanced US assistance in implementing AML—anti-money laundering—laws to cut off those illicit cash out destinations,” said Jacqueline Burns Koven, head of cyber threat intelligence at the firm Chainalysis. 

Koven testified before the committee Tuesday along with Megan Stifel, chief strategy officer at the Institute for Security and Technology and Bill Siegel, chief executive officer of Coveware.

Last fall, the Biden administration, for the first time, placed a virtual currency exchange—SUEX, which officials say operated out of Federation Tower in Moscow—on a list of entities banned from an association by U.S. persons. More exchanges have since been added to the list for laundering cyber ransoms.

“What we saw as a result of these designations, especially against SUEX, was that deposits dropped nearly to zero as soon as the designations were rolled out,” Koven said, noting that the effect that has had of driving ransomware criminals to offshore exchanges, and so-called “mixing” services that make it harder to trace the identity of those ultimately collecting the illicit funds.

“We've also observed the increased utilization of mixing services by these threat actors to obfuscate the destination of these ransomware proceeds,” she said. “These threat actors are going for the paths of least resistance but it has narrowed down considerably to a handful of services,” that the US can use AML laws to assist in ferreting out bad actors.

Among those are know-your-customer, or KYC, laws which are not uniformly applied to traditional financial institutions—like banks—across the globe, according to Stifel, a former Department of Justice official who worked on international cyber policy for the National Security Council during the Obama administration. 

“Were we to have a more consistent regulatory environment internationally through the application of KYC, AML and other regulatory measures by working with partners, including through the FATF—the Financial Action Task Force that has been effective in terrorism instances—that would provide a pathway I think, for there to be a more significant impact on the ability for governments to obtain information that can facilitate arrests or other disruptive measures against these criminal actors.”