It didn\u2019t take long for the White House\u2019s ransomware initiative to be fruitful, as evidenced by the successful international law enforcement efforts targeting members of the Sodinokibi\/REvil criminal enterprise. The Department of Justice (DoJ) unsealed two grand jury indictments on November 8, 2021, on individuals associated with the group \u2013 Yaroslave Vasinskyi and Yevgeniy Polyanin\u2013 both with Sodinokibi\/REvil ransomware.US Attorney General Merrick Garland, accompanied by Deputy US Attorney General Lisa Monaco, FBI Director Christopher Wray, and Deputy Secretary of the US Treasury Wally Adeyemo, shared the news of the arrest of Vasinskyi by Polish authorities at the request of the United States. A DoJ press release highlighted the efforts of the Ransomware and Digital Extortion Task Force as being key. In addition, teams from within the private sector played a substantive role, includinf those from Microsoft, McAfee and BitDefender.Additionally, Polyanin, a Russian national still at large, saw $6,123,652.21 disappear from his FTX Trading Limited account on September 10, 2021, pursuant to a \u201cseize property\u201d warrant issued by Judge Rebecca Rutherford of the US District Court, North District of Texas.Vasinsky was lured to Poland from the Ukraine and arrested in Poland on October 8, 2021. He remains in custody and is now facing extradition by the US in accordance with the extradition treaty between the two countries. On November 4, 2021, two individuals (not yet identified) were arrested in Romania for their role in the REvil enterprise.\u201cThe arrest of Yaroslav Vasinskyi [October 5 in Poland], the charges against Yevgeniy Polyanin and seizure of $6.1 million of his assets, and the arrests of two other Sodinokibi\/REvil actors in Romania are the culmination of close collaboration with our international, US government and especially our private sector partners,\u201d said FBI Director Christopher Wray. \u201cThe FBI has worked creatively and relentlessly to counter the criminal hackers behind Sodinokibi\/REvil. Ransomware groups like them pose a serious, unacceptable threat to our safety and our economic well-being. We will continue to broadly target their actors and facilitators, their infrastructure, and their money, wherever in the world those might be.\u201dWhen asked what pretext was used to lure Vasinskiy to Poland, Wray wryly noted how individuals travel for many reasons and that \u201cwe\u201d were glad Vasinskiy chose to travel from the Ukraine to Poland. While Garland, in response to the assistance being provided by Russia, declined to comment on ongoing law enforcement efforts, yet still managed to signal to Russia expectations with noting how the expectation of the United States is that any country, which a criminal is present, will assist the United States with their arrest and bringing the individual to justice to answer to their alleged crimes.Kaseya praised for engaging FBI earlyOf particular import to CISOs, was Wray\u2019s laudatory comments on the handling of the REvil ransomware attack by victim, Kaseya when they were attacked on July 2. He applauded Kaseya for having engaged with law enforcement early which allowed the Kaseya and its customers to benefit from an all-government response to \u201cput out the fire.\u201d He also noted how these efforts resulted in the FBI being able to create a decryption key to unlock Kesaya\u2019s customers\u2019 data. This served to answer the question asked in late-September 2021 as to why the FBI held back REvil ransomware keys and with which international partners the FBI was engaged in the coordinated law enforcement action.Treasury Department issues advisories on virtual currency exchanges supporting criminal activityAdeyemo noted Treasury\u2019s role in the \u201cwhole-of-government effort\u201d against ransomware operators and virtual currency exchanges which support the cyber criminals, as including disruption to digital ecosystems. He also advised that Treasury was issuing a FinCEN Updates Ransomware Advisory, which designates the virtual currency exchange Chatex as being a part of the criminal support effort of the ransomware criminals. In addition to Chatex, Izibits OU, Chatextech SIA and Hightrade Finance ltd, were also designated for providing material support to Chatex\u2019s criminal activity. The advisory notes how Latvia has suspended the operations of Chatextech. Estonia has revoked the license of Izibits OU.Rewards offered for arrest of DarkSide membersMeanwhile, the State Department has made available a $10 million reward for information leading to the identification or locations of any individual holding a key leadership position within the DarkSide ransomware organization and an additional $5 million for information leading to the arrest or conviction in any country of an individual participating in DarkSide ransomware. It is worth noting that the Department\u2019s Transnational Organized Crime Rewards Program has paid out over $135 million in rewards.In closing, Garland called upon Congress to create a cyber reporting standard for industry to assist law enforcement in their efforts to thwart cybercrime. He, as did Monaco and Wray emphasized the role to be played by the private sector in the fight against cybercrime. It was repeatedly emphasized that early engagement with government by CISOs results in making available the resources of the \u201call-of-government\u201d approach.