US sanctions VPN, malware providers for enabling ransomware attacks

Summary

The U.S. Treasury Department has sanctioned two individuals and one entity for providing services that facilitated ransomware attacks. These sanctioned entities allegedly supplied VPN and malware services, thereby enabling cybercriminals to target U.S. organizations.

IFF Assessment

FOE

This news is bad for defenders as it highlights the ongoing challenges in combating ransomware, even with government intervention targeting enablers.

Defender Context

This action by the U.S. Treasury demonstrates a continued focus on disrupting the ecosystem that supports ransomware attacks. Defenders should be aware that government sanctions against service providers may not immediately halt all malicious activities, and threat actors may seek alternative solutions.

Read Full Story →