The United States Introduce Trade Restrictions Against Russian Entities

• The U.S. expands its entity list with more Russian companies and organizations.
• There's also a “one-stop-shop” website launched for ransomware victims.
• Anyone who knows anything about a ransomware actor may get a bounty of up to $10 million.

After the breach on ‘Kaseya,’ which resulted in the infection of 1,500 (mostly American) businesses with ransomware of the Russia-based ‘REvil’ group, the Biden administration had to push forward with some high-level measures, as it seems the meeting with Russia’s President Putin hasn’t yielded the desired results. Even though REvil has gone dark inexplicably and unexpectedly, it remains clear that other (mainly Russian) cyber actors are still out there and actively seeking to cause harm to American entities.

Yesterday, the U.S. Commerce Department announced the addition of several Russian organizations and companies onto the trade blacklist, adding the following entities:

• Aktsionernoe Obshchaestvo AST
• Aktsionernoe Obshchestvo Pasit
• Aktsionernoe Obshchestvo Pozitiv Teknolodzhiz (JSC Positive Technologies)
• Federal State Autonomous Institution Military Innovative Technopolis Era
• Federal State Autonomous Scientific Establishment Scientific Research Institute Specialized Security Computing Devices and Automation (SVA)
• Obshchestvo S Ogranichennoi Otvetstvennostyu Neobit

Some of these entities are part of Russia’s Foreign Intelligence Services. Others are offering their services to the government, and some (like SVA) have been accused of actually taking part in malicious cyber operations in the past. Starting immediately, no U.S. companies can sell them anything without securing a special license first, just like it happened with Huawei two years ago.

In addition to the above, the U.S. Department of Justice has also announced the opening of a novel ransomware resource at “StopRansomware.gov,” which aims to serve as a central hub for information on how to defend against ransomware. The portal features tips and guidance, self-assessment guides, an incident report system, and a direct connection with the law enforcement authorities, as well as other supporting agencies.

And finally, the U.S. has also announced they’re paying a bounty of up to $10 million to anyone who shares information that can identify or locate malicious actors that take part in ransomware operations. This is an indication of how badly the FBI would like to find out who are those people hiding behind the extortion Tor portals, and also proof of how difficult this is.