UK & US authorities charge Trickbot cybercriminals over financial attacks

The US Department of the Treasury and HM Treasury in the UK have levied sanctions against seven members of Russian-based cyber team, Trickbot, citing financially motivated attacks tracing back to 2020. 

The seven Trickbot officials were identified for having conducted ransomware attacks on institutions such as hospitals in 2020 during the height of the COVID-19 pandemic, with both US and UK bodies deeming them threats to national security. 

During one of Trickbot’s attacks, the US Treasury outlined that the cyber team initiated ransomware attacks to three Minnesota medical facilities which affected their computer and telephone networks – causing diversions for ambulances with ransomware fees being paid directly to the group. 

The sanctions now imposed against Trickbot state that no UK or American resident shall conduct business with Trickbot, which includes sending fees for ransom without approval from either government. 

No arrests were made public and sanctions were imposed upon the seven individuals, not Trickbot in its entirety, but the statement of intent from both the UK and US signals the focus on tracking and preventing cybercriminals from affecting domestic operations. 

“Cybercriminals, particularly those based in Russia, seek to attack critical infrastructure, target US businesses, and exploit the international financial system,” stated US Under Secretary, Brian E. Nelson. 

“The United States is taking action in partnership with the United Kingdom because international cooperation is key to addressing Russian cybercrime.”

The cooperation between the UK and the US underlines the growing commitment between both nations on efforts to prevent ransomware attacks, with the UK making its first sanctions upon the seven members of Trickbot of ransomware suspects.