According to new reporting from Reuters, cybercriminals are exploiting Wyoming’s limited liability corporation law to set up legitimate-seeming endpoints for illicit traffic. Filtering traffic through the United States allows criminals to evade detection by their targets and law enforcement. Wyoming’s LLC governance system, often promoted as being business-friendly and user-friendly, enables criminals to create legitimate-looking fronts for server registration.

According to Reuters, Wyoming also allows registered agents to serve as the public point of contact for LLCs, effectively shrouding the actual ownership behind a veil of anonymity. Such practices have drawn criticism from experts and victims who highlight the lax regulations in Wyoming and advocate for more stringent oversight to curb the misuse of LLCs for nefarious purposes.

The use of Wyoming limited liability companies as a veil for illicit cyber activities has raised alarms within the cybersecurity community. By exploiting the anonymity afforded by these entities, cybercriminals have orchestrated a series of distributed denial of service (DDoS) attacks, targeting journalists, nonprofits, and news organizations.

The findings have implications beyond cybersecurity and into the broader landscape of regulatory governance. As the digital world continues to evolve, regulatory bodies may wish to consider implementing measures to address uses of a state law for illicit activities. The intersection of cybersecurity and corporate governance requires a cohesive approach to address vulnerabilities within the digital sphere.