Crackdown On Ransomware Criminals

Seven Russian cyber criminals who are linked to the group behind some of the most damaging ransomware attacks on the UK in recent years have been exposed and sanctioned by the UK and the US. The seven cyber criminals, who will now be subject to travel bans and frozen assets will be severely restricted in their use of the global financial system.

The sanctions, which have been recently announced by the US Department of the Treasury’s Office of Foreign Assets Control (OFAC), form part of a concerted campaign by the UK and the US to tackle international cyber crime.

They follow a lengthy investigation by the National Crime Agency (NCA) into the crime group behind Trickbot malware, as well as the Conti and RYUK ransomware strains, among others. The NCA assesses that the group was responsible for extorting at least £27 million from 149 UK victims, including hospitals, schools, businesses and local authorities, although their true impact is likely to be much higher. 

National Crime Agency Director General Graeme Biggar said “This is a hugely significant moment for the UK and our collaborative efforts with OFAC to disrupt international cyber criminals... The sanctions are the first of their kind for the UK and signal the continuing campaign targeting those responsible for some of the most sophisticated and damaging ransomware that has impacted the UK.. We will continue to deploy our unique capabilities to expose cyber criminals and work alongside our international partners to hold those responsible to account, wherever they are in the world.”

Ransomware is a tier one national security threat, with attacks continuing to increase in scale and complexity. 

The criminals behind these attacks specifically target the systems of organisations they judge will pay them the most money and time their attacks to cause maximum damage, including targeting hospitals in the middle of the pandemic. 

Although the Conti group has allegedly disbanded, it’s members, including those sanctioned today, continue to be involved in some of the most notorious new ransomware strains that dominate and threaten UK security. 

The US Treasury Department named Vitaly Kovalev as a senior figure in Trickbot. It said in addition to announcing sanctions against him, an indictment was unsealed on February 9 in the US District Court in New Jersey charging Kovalev with bank fraud in connection with crimes that took place in 2009 and 2010, predating his involvement in Dyre or the Trickbot Group.

The other six individuals are Maksim Mikhailov, Valentin Karyagin, Mikhail Iskritsky, Dmitry Pleshevsky, Ivan Vakhromeyev, and Valery Sedletsky, who worked in various capacities, including development of ransomware and money laundering.

NCA:     RF/RL:      Standard:     Tech Central:     Police Professional:        

You Might Also Read: 

Russian Hackers Account For 74% Of Ransomware Proceeds:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 


Cyber Security Intelligence: Captured Organised & Accessible


 

« Russian Cyber Attack Disrupts Earthquake Aid 
Royal Mail Refuses To Pay LockBit Ransom Demand »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

RSA Security

RSA Security

RSA provide cybersecurity products for Threat Detection and Response, Identity and Access Management, Governance, Risk and Compliance, and Fraud Prevention.

Opscura

Opscura

Opscura (formerly Enigmedia) brings the reliable and cautious hands of operations together with the analytical minds of cyber experts and cryptography researchers.

ACI Solutions

ACI Solutions

ACI Solutions is a managed IT services and network security provider working with diverse global commercial, government and public sector clients.

SailPoint

SailPoint

SailPoint provides identity governance solutions with on-premises and cloud-based identity management software for the most complex challenges.

CyberPrism

CyberPrism

CyberPrism provides SaaS solutions using proprietary technology, underpinned by industry-leading technical practitioners to protect OT within Government, Maritime and Industrial markets.

OGiTiX

OGiTiX

OGiTiX Software AG is a German software manufacturer specializing in Identity and Access Management.

Travelers

Travelers

Travelers is a leading writer of US commercial property casualty insurance and one of the world’s largest global insurers for cyber insurance.

Jumio

Jumio

Jumio’s end-to-end identity verification and authentication solutions fight fraud, maintain compliance and onboard good customers faster.

Fortanix

Fortanix

Fortanix Runtime Encryption keeps keys, data, and applications completely protected from external and internal threats.

WhiteHawk

WhiteHawk

WhiteHawk is the first online Cyber Security Exchange. We help you understand your cyber risk and match you to tailored and affordable solutions.

Keysight Technologies

Keysight Technologies

Keysight is dedicated to providing tomorrow’s test technologies today, enabling our customers to connect and secure the world with their innovations.

Opticks Security

Opticks Security

Opticks provides fraud detection and monitoring solutions for leading brands. agencies and networks. Our relentless mission is to deliver reliable and innovative software to beat digital fraud.

TPx Communications

TPx Communications

TPx is a leading managed services provider offering a full suite of managed IT, unified communications, network connectivity and security services.

SafeLiShare

SafeLiShare

SafeLiShare’s data security platform unifies encryption strategies for organizations with hybrid and multi-cloud infrastructures, ensuring data is secure regardless of its location.

IntelliBridge

IntelliBridge

IntelliBridge supports our nation’s most critical missions by solving complex technology, intelligence, and mission support challenges.

SecuRedact

SecuRedact

SecuRedact is an AI-powered tool to detect and pseudonymize personal data in text and images. Fast, local, secure, and free to try.