US sanctions VPN, malware providers for enabling ransomware attacks
Summary
The U.S. Treasury Department has sanctioned two individuals and one entity for providing services that facilitated ransomware attacks. These sanctioned entities allegedly supplied VPN and malware services, thereby enabling cybercriminals to target U.S. organizations.
IFF Assessment
FOE
This news is bad for defenders as it highlights the ongoing challenges in combating ransomware, even with government intervention targeting enablers.
Defender Context
This action by the U.S. Treasury demonstrates a continued focus on disrupting the ecosystem that supports ransomware attacks. Defenders should be aware that government sanctions against service providers may not immediately halt all malicious activities, and threat actors may seek alternative solutions.