On February 9, 2023, the United States and the United Kingdom designated seven Russian individuals that have been associated with the development or deployment of a range of ransomware strains which have targeted the UK and the US. This is the first time that the UK has made designations under its Cyber (Sanctions) (EU Exit) Regulations 2020. The US Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) issued this press release in tandem with the designations.
The individuals (who are said to be part of the Russia-based cybercrime gang Trickbot) are:
- Vitaliy Kovalev
- Valery Sedletski
- Valentin Karyagin
- Maksim Mikhailov
- Dmitry Pleshevskiy
- Mikhail Iskritskiy
- Ivan Vakhromeyev
See here for the relevant notice from OFAC and see here and here for relevant notices from the UK’s Office of Financial Sanctions Implementation (“OFSI”). OFSI recently published guidance on Ransomware and Financial Sanctions which, amongst other things, provides an overview of cyber sanctions legislation in the UK and outlines the UK government’s approach to enforcement and what companies/individuals need to do. Similarly, OFAC issued this advisory on the potential sanctions risks of facilitating ransomware payments in 2021.
The authors acknowledge the assistance of Ryan Orange with the preparation of this blog post.