UK and US Sanction Ransomware Criminals

In a significant move against international cybercrime, the United Kingdom and the United States have jointly sanctioned Russian cybercriminals implicated in ransomware operations. This coordinated action reflects a growing commitment to disrupt malicious cyber activities targeting critical infrastructure and to hold perpetrators accountable.

Coordinated Sanctions Targeting Russian Cybercriminals

On November 19, 2025, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), in collaboration with Australia’s Department of Foreign Affairs and Trade and the UK’s Foreign, Commonwealth and Development Office, announced sanctions against Media Land, a Russia-based bulletproof hosting (BPH) service provider. Media Land was accused of facilitating ransomware operations and other forms of cybercrime by offering specialized servers designed to evade detection and law enforcement efforts. Alongside Media Land, three of its leadership team members and three affiliated companies were designated for their roles in supporting cybercriminal activities. (home.treasury.gov)

The UK’s sanctions mirrored these actions, targeting Media Land, its sister company ML.Cloud LLC, and four individuals involved in malicious cyber activity. Measures included asset freezes, travel bans, and director disqualifications, aiming to disrupt the operational capabilities of these entities and individuals. (reuters.com)

Sanctions on Key Cybercrime Infrastructure

Earlier in the year, on February 11, 2025, the UK, US, and Australia jointly sanctioned Zservers, another Russia-based BPH service provider. Zservers was implicated in supporting LockBit, one of the most prolific ransomware variants, which has been responsible for numerous attacks globally. The sanctions targeted Zservers and two Russian nationals who were key administrators, highlighting the international resolve to dismantle cybercrime infrastructure. (home.treasury.gov)

Targeting Leadership of Cybercrime Gangs

In a concerted effort to disrupt cybercrime operations, the UK, US, and Australia imposed sanctions on Dmitry Khoroshev, a senior leader of the LockBit cybercrime gang, on May 7, 2024. Khoroshev was identified as a significant figure in orchestrating ransomware attacks that have affected thousands of victims worldwide, including over 200 UK businesses. The sanctions included asset freezes and travel bans, aiming to incapacitate Khoroshev’s ability to continue his cybercriminal activities. (gov.uk)

Implications and Future Outlook

These coordinated sanctions represent a robust response to the escalating threat of ransomware attacks, which have caused significant disruptions to critical infrastructure, including healthcare systems, financial institutions, and government services. By targeting both the infrastructure and leadership of cybercrime organizations, the UK and US aim to degrade the operational capabilities of these groups and deter future attacks.

The international collaboration underscores the importance of a unified approach in combating cybercrime, recognizing that cyber threats are borderless and require collective action. As cybercriminals continue to evolve their tactics, ongoing cooperation and adaptation of strategies will be essential in safeguarding global cybersecurity.

References

  • U.S. Department of the Treasury. (2025, November 19). United States, Australia, and United Kingdom Sanction Russian Cybercrime Infrastructure Supporting Ransomware. (home.treasury.gov)

  • UK Government. (2025, November 19). New UK sanctions target Russian cybercrime network. (gov.uk)

  • UK Government. (2024, May 7). UK and allies sanction prolific cyber hacker. (gov.uk)

  • U.S. Department of the Treasury. (2025, February 11). United States, Australia, and the United Kingdom Jointly Sanction Key Infrastructure that Enables Ransomware Attacks. (home.treasury.gov)

  • Reuters. (2025, November 19). US, UK and Australia sanction Russian cyber firms over ransomware links. (reuters.com)
