Jamie MacColl, Dr Gareth Mott and Gonzalo Saiz Erausquin
Introduction
On 9 February 2023, the UK and US governments jointly sanctioned seven members of Conti/Trickbot, a ransomware group responsible for attacks against at least 149 UK individuals and businesses.1 The move marked the UK government’s entry into the ransomware sanctions arena. Over the years since, the ransomware sanctions regime has expanded and has become a core component of the UK’s counter-ransomware strategy. The government aims to use sanctions to expose ransomware criminals’ identities, undermine their ability to monetise ransomware, and degrade other criminals’ trust in key ransomware services.2
However, there are significant challenges posed by designing, implementing and enforcing ransomware sanctions in a way that achieves the government’s goals. In this context, in February 2025, as part of ongoing work through its UK Sanctions Implementation and Strategy Taskforce,3 RUSI convened an online workshop to discuss the UK’s experience with ransomware sanctions to date. The workshop was jointly organised by the Centre for Finance and Security and the Cyber and Tech research group at RUSI. A select group of 35 expert stakeholders from the UK, US and Canada attended the workshop. Participants represented a diverse range of professional backgrounds. These included incident responders, ransomware payment brokers, cryptocurrency tracers, lawyers, academics, law enforcement officers and UK government officials.
No comments:
Post a Comment