In a coordinated action with US authorities, the UK has imposed sanctions on seven Russian cybercriminals involved in the deployment of the Conti And Ryuk ransomware as well as the Trick bot banking trojan. This follows a thorough investigation led by the National Crime Agency (NCA) and marks the UK’s first-ever joint sanctions against cybercrime.
This is reported by the British governmentRansomware is a “first threat to national security” that is increasingly being used to attack companies and public sector organizations.
Ransomware groups known as Conti, Wizard Spider, UNC1878, Gold Blackburn, Trickman, and Trickbot have been responsible for deploying ransomware strains including Conti, Ryuk, and Trickbot.
Discover the future of technology!
Visit us at TNW Conference 15 & 16 June in Amsterdam
The groups target organizations they expect to pay the most and time their attacks to do the maximum damage. Conti and Ryuk alone have affected 149 UK individuals and companies, earning an estimated £27 million.
Conti’s recent victims in the UK include the Scottish Environment Protection Agency, food distribution company Reed Boardall, Cleveland Council and forensic laboratory Eurofins.
“These criminals and those who support them are not immune to British action.
Conti was also one of the first cybercrime groups to show support for Russia’s war in Ukraine, while the National Cyber Security Center (NCSC) has determined that key members of the group are “highly likely” to have ties to Russian intelligence. Services.
And although the group disbanded in May 2022, government reporting suggests members remain involved in threatening UK security with new strains of ransomware.
“The sanctions are the first of their kind for the UK and reflect the ongoing campaign targeting those responsible for some of the most sophisticated and damaging ransomware to hit the UK and our allies,” said Graeme Biggar, managing director of the NCA, in one rack.
“The United States and the United Kingdom are taking coordinated action against cybercriminals who have launched attacks against our critical infrastructure,” US Secretary of State Antony J. Blinker stressed in an accompanying press release. “We will continue to work with the UK and other international partners to expose and disrupt cybercrime from Russia.”
The people sanctioned include the following individuals:
The seven individuals are now subject to travel bans and asset freezes. Moreover, it is strictly forbidden to make money available to them, such as paying for ransomware – including crypto assets.
The US Treasury Department warned that “any foreign financial institution that knowingly facilitates a significant transaction, or provides significant financial services to any of the individuals or entities designated today, may be subject to U.S. correspondent or account payable sanctions.”
Through their cooperation, the UK and US authorities said they will continue to expose cybercriminals associated with the ransomware groups and crack down on their activities, aiming to strengthen their cybersecurity.