Since 2013, OFAC has designated many malicious cyber actors including those committing ransomware attacks, using its “cyber-related sanctions program and other sanctions programs.”
Examples include Russia-based and state-sponsored Evgeniy Mikhailovich Bogachev, who developed the Cryptolocker ransomware used to infect 117,000 computers in the United States between 2013 and 2016. Bogachev goes by the online monikers of “lucky12345” and “Slavik” and is wanted by the FBI. There is a $5 million reward for his capture.
The SamSam ransomware started being used in 2015 to 2018 to target many governmental institutions, large cities, like Atlanta, Georgia, and big companies. OFAC sanctioned two Iranian nationals suspected of working on behalf of Iran for providing material support of ransomware attacks.
The North Korean Lazarus Group also known as the Hidden Cobra uses the WannaCry 2.0 ransomware. They may employ as many as 6,000 hackers and have been linked to 300,000 computer attacks in 150 countries. They are also suspected of the 2020 attacks targeting the cryptocurrency vertical.
