Role of virtual assets in countering ransomware financing

Ransomware attacks have become increasingly prevalent in recent years, causing significant financial and operational disruptions to businesses and especially financial institutions worldwide. Countering ransomware financing is crucial to mitigating the impact of these attacks and disrupting the criminal networks behind them just like is the case during money laundering.

Virtual assets, such as cryptocurrencies, have become the primary means of payment for ransomware attacks. This is due to their anonymity, ease of transfer, and global reach. Criminals can use virtual asset service providers (VASPs) to exchange cryptocurrencies into fiat currencies, making it difficult to trace the illicit proceeds. 

Key strategies for countering ransomware financing include:
Strengthening Uganda’s current AML/CFT Regulations and Enforcement: The government may have to come out strongly with full commitment to implement and enforce robust anti-money laundering (AML) and countering the financing of terrorism (CFT) regulations for VASPs. 

This should be done after the National Risk Assessment on Virtual Assets (VAs) and Virtual Assets Service Providers (VASPs) has been conducted. This will further need the VASPs to conduct customer due diligence (CDD), implement transaction monitoring systems, and report suspicious transactions to the Financial Intelligence Authority (FIA) by law.

Enhancing International Cooperation and adhering to the Financial Action Task Force (FATF) guiding notes on Countering Ransome Financing. International cooperation is essential to effectively combat ransomware financing. Governments across may need to share intelligence detail in real time, coordinate investigations, and develop joint strategies to disrupt criminal networks. Financial Action Task Force (FATF) can play a key role in facilitating international cooperation.

Raising Awareness and Educating Accountable persons including the public. There is an urgent need in Uganda today, especially with the emerging cyber threats and crimes that are hitting the financial institutions.  Accountable persons including the public should be educated about the risks of ransomware attacks and how to protect themselves from them. This includes implementing strong cybersecurity measures, backing up data regularly, and avoiding clicking on suspicious links or attachments among other vulnerabilities within the cyber space.

Disrupting Ransomware Criminal Networks. Law enforcement agencies may need to prioritise the investigation and prosecution of ransomware actors. This includes identifying and seizing illicit funds, disrupting criminal networks, and bringing perpetrators to justice. 

Exploring alternative payment methods. The emerging development of more traceable and transparent payment methods may also reduce the attractiveness of virtual assets for ransomware payments. 

Promoting incident reporting, especially with what is currently happening in the Ugandan context where many members of the public have fallen victim to cyber fraud.    Continuous investment in cybersecurity research and development can lead to more effective solutions for preventing and detecting ransomware attacks. 

Public-private partnerships can foster collaboration and knowledge sharing between law enforcement, cybersecurity experts, and technology experts.

Mr  Cyrus Barigye  is the Director of ICT systems and security at the Financial Intelligence Authority of Uganda (FIA)