The United States and Britain on Thursday sanctioned 11 people who are part of the Russia-based Trickbot cybercrime hacking group, accusing it of targeting critical government infrastructure and businesses, along with hospitals, during the coronavirus pandemic.

A U.S. Treasury statement said the blacklisted targets included “key actors involved in management and procurement” for Trickbot, which it said has ties to Russian intelligence services.

Treasury undersecretary Brian Nelson said in a statement, “The United States is resolute in our efforts to combat ransomware and respond to disruptions of our critical infrastructure.”

Ransomware refers to the demand for payments to unlock computer services that cybercriminals have frozen.

British Foreign Secretary James Cleverly said the sanctions are an attempt to disrupt Trickbot’s business model and strip officials of their anonymity.

“We know who they are and what they are doing,” he said in a statement. 

British officials said the Trickbot group had extorted at least $180 million from people around the world to restore their computer services.

In conjunction with the sanctions, which block any assets the Trickbot officials have in the United States and Britain, the U.S. Justice Department unsealed indictments against nine individuals in the gang.

The U.S. said that in one instance, the Trickbot group used ransomware against three medical facilities in the midwestern state of Minnesota, “disrupting their computer networks and telephones, and causing a diversion of ambulances.”

The U.S. said Trickbot workers “publicly gloated over the ease of targeting the medical facilities and the speed in which ransoms had been paid to the group.” 
…