Paying ransomware demands could land you in hot water with the feds
Advisory applies not just to victims but also to security and finance firms they hire. …
reader comments
68 with 45 posters participating
Businesses, governments, and organizations that are hit by crippling ransomware attacks now have a new worry to contend with—big fines from the US Department of Treasury in the event that they pay to recover their data.
Treasury Department officials made that guidance official in an advisory published on Thursday. It warns that payments made to specific entities or to any entity in certain countries—specifically, those with a designated “sanctions nexus”—could subject the payer to financial penalties levied by the Office of Foreign Assets Control, or OFAC.
The prohibition applies not only to the group that is infected but also to any companies or contractors the hacked group’s security or insurance engages with, including those who provide insurance, digital forensics, and incident response, as well as all financial services that help facilitate or process ransom payments.
Enabling criminals
“Facilitating a ransomware payment that is demanded as a result of malicious cyber activities may enable criminals and adversaries with a sanctions nexus to profit and advance their illicit aims,” the advisory stated. “For example, ransomware payments made to sanctioned persons or to comprehensively sanctioned jurisdictions could be used to fund activities adverse to the national security and foreign policy objectives of the United States. Ransomware payments may also embolden cyber actors to engage in future attacks. In addition, paying a ransom to cyber actors does not guarantee that the victim will regain access to its stolen data.”
Under law, US persons are generally prohibited from engaging directly or indirectly in transactions with people or organizations on the OFAC’s Designated Nationals and
Continue reading – Article source