The U.S. Department of Justice indicted three Russian nationals on Tuesday for operating web-hosting services that enabled ransomware gangs to attack U.S. businesses [1].

This legal action targets the critical infrastructure that allows cybercriminals to hide their activities. By dismantling "bullet-proof" hosting services, officials aim to disrupt the technical backbone that ransomware operators rely on to launch attacks and maintain anonymity.

The criminal case was filed in the U.S. District Court for the Eastern District of New York [1]. Prosecutors said the hosting services acted as a shield for cybercrime networks, allowing them to operate with minimal interference from law enforcement. These services facilitated attacks that resulted in more than $62 million [1] in losses for American companies.

This indictment follows a broader strategy of international cooperation to isolate Russian cybercrime. Earlier, the U.S. Treasury coordinated with the United Kingdom and Australia to impose economic sanctions on the same network [2]. Those sanctions were announced on Feb. 11, 2026 [2], marking an earlier effort to cripple the network's financial capabilities before the criminal charges were brought this month.

U.S. officials said the combination of criminal indictments and economic sanctions is necessary to disrupt the network's operations [1], [2]. The coordinated effort between Washington, D.C., London, and Canberra underscores a multilateral approach to combating state-tolerated or state-sponsored cyber activity.

While the individuals were indicted on July 14, 2026 [1], the U.S. government continues to track the movement of funds and data associated with the hosting services. The Department of Justice has not specified if the three nationals are currently in U.S. custody or if they remain in Russia.

Three Russian nationals were indicted for operating “bullet‑proof” web‑hosting services.

This move signals a shift from merely chasing individual hackers to targeting the service providers who enable them. By focusing on 'bullet-proof' hosting—services that intentionally ignore legal requests to take down malicious content—the U.S. is attempting to remove the safety net that makes ransomware profitable and sustainable.