The UK government has hit Zservers with sanctions, along with six individual members of a cyber group and their UK rep, XHOST. In a statement from Foreign Secretary David Lammy and State Minister for Security Dan Jarvis, they pointed out that Zservers plays a key role in providing infrastructure for cyber criminals who plot and carry out attacks against the UK.
They describe it as part of a supply chain that helps ransomware gangs operate and hide their activities. These gangs depend on services like Zservers to launch attacks, extort victims, and stash stolen data. Lammy didn’t hold back, saying, “Putin has built a corrupt mafia state driven by greed and ruthlessness. It’s no surprise that the most unscrupulous extortionists and cyber criminals run rampant from within his borders.” He added that the government will continue working with allies to rein in the Kremlin and tackle threats from Russia’s cyber underworld to ensure UK national security.
This commitment comes alongside a broader plan to build 1.5 million homes in England and expedite planning for over 150 important projects, while also improving NHS standards so that 92% of patients wait no longer than 18 weeks for elective treatment.
The government labeled Zservers as a “bulletproof hosting (BPH) provider,” highlighting that these types of companies shield and facilitate cyber criminals by providing tools to hide their identities and locations. By targeting BPH providers like Zservers, authorities can disrupt a wide network of criminals all at once.
The UK is collaborating with the US and Australia in this crackdown. Recent sanctions against ransomware groups like LockBit and Evil Corp are part of a larger strategy. The National Crime Agency has even identified Aleksandr Ryzhenkov, a key player in Evil Corp who also linked up with LockBit as an affiliate. The government noted that LockBit affiliates have used Zservers to launch ransomware attacks against various UK targets, including nonprofit organizations.
Jarvis emphasized that ransomware from Russian-linked gangs poses one of the greatest cyber threats today. “Denying cyber criminals the tools of their trade weakens their capacity to harm the UK,” he said. The government is rolling out bold proposals to deter ransomware attacks and dismantle the business models behind them.
As for the sanctions, they include Zservers, XHOST Internet Solutions LP, and several employees: Aleksandr Bolshakov, Aleksandr Mishin, Ilya Sidorov, Dmitriy Bolshakov, Igor Odintsov, and Vladimir Ananev.
Since Russia launched its attack on Ukraine three years ago, Western nations have applied sanctions with limited success, creating unintended consequences like enabling Chinese spies to infiltrate Russian defense sectors, referred to as Twisted Panda. The Economist recently pointed out that the Russian economy has shown surprising resilience against these sanctions, partly due to support from non-NATO countries. Historically, only one instance of sanctions—preventing the “war of the stray dog” between Greece and Bulgaria in 1925—has proven effective, though they have some limited value.
Additionally, the Google Threat Intelligence Group released a report highlighting a troubling trend: the merging of cyber crime and cyber warfare, largely emanating from Russia and China.