The Wall Street Journal broke the news, reportedly stating that the federal government is considering fining or otherwise sanctioning entities like exchanges, digital wallets and mixer services — which obscure the movement of cryptocurrency between addresses, making specific transactions harder to retrace — should they support the transfer or storage of ill-gotten funds.
The policies could be unveiled as soon as this week, according to a U.S. official whose identity was kept anonymous.
The Institute for Security and Technology (IST) organized a Ransomware Task Force earlier this year, which recommended tackling the global scourge by taking measures to make conducting ransomware more trouble than it’s worth. Many recent public-sector conversations about ransomware have focused on whether to prohibit victims from paying, as way to remove the monetary incentive behind the crimes.
Reaching the point where the U.S. can outright ban all payments may be a long and bumpy road, however, researchers have said, because cyber criminals are unlikely to give up quickly and some victims will need support surviving attacks in the meantime.
The Treasury Department’s approach homes in on a different part of the ecosystem and attempts to block ransomware perpetrators from profiting by targeting the financial infrastructure that underpins their business models. Ransomware criminals often seek payment in cryptocurrencies.
The Ransomware Task Force had called for similar moves in its May 2021 report, with authors advocating for countries around the world to hold the cryptocurrency sector to tight anti-money laundering, countering the financing of terrorism and know-your-customer rules, similar to those followed by traditional financial institutions.