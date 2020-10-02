Infosecurity Group Websites
Latest
News

US Treasury: Paying Ransomware Gangs Could Violate Regulations

The United States Treasury has warned companies that they could be fined for paying or facilitating ransom payments to cyber-criminal gangs. 

An advisory published yesterday by the Treasury’s Office of Foreign Assets Control (OFAC) stated: "Companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations."

OFAC said paying ransomware gangs who are operating under economic sanctions was a threat to US national security interests because it could fund the expansion of their criminal activities and could also encourage them to carry out further ransomware attacks.

The Office also noted that "paying a ransom to cyber actors does not guarantee that the victim will regain access to its stolen data."

OFAC underlined the fact that Americans are prohibited under the International Emergency Economic Powers Act from engaging in transactions with individuals or entities on the office's Specially Designated Nationals and Blocked Persons List. US citizens are also restricted by embargoes placed on certain regions and countries that include Cuba, Iran, Syria, and North Korea.

The advisory stated that violating OFAC regulations could result in a financial penalty. 

"OFAC may impose civil penalties for sanctions violations based on strict liability, meaning that a person subject to US jurisdiction may be held civilly liable even if it did not know or have reason to know it was engaging in a transaction with a person that is prohibited under sanctions laws and regulations administered by OFAC."

OFAC urged financial institutions and other companies to implement a risk-based compliance program to mitigate exposure to sanctions-related violations. Ransomware victims and those involved with addressing ransomware attacks were asked to contact OFAC immediately if they believe a request for a ransomware payment may involve a sanctions nexus. 

Commenting on the advisory, CynergisTek CEO Caleb Barlow said: “A ransomware payment is no longer a get out of free jail card. Enterprises have to invest in defenses.” 

Barlow added that the issuance of the advisory was "likely accelerated" by "Garmin knowingly paying an adversary on the sanction list" millions of dollars to recover data after a ransomware attack.

Related to This Story

What’s Hot on Infosecurity Magazine?

1
News

Critical Vulnerabilities Found in Remote Access Software

2
News

H&M Fined €35.2m for GDPR Violations

3
News

Ransomware: from Entry to Ransom in Under 45 Minutes

4
News

Multiple Wireless Router Chipsets Affected by Authentication Bypass Vulnerability

5
News

Ransomware Attack on Shipping Giant

6
News

Swatch Group Hit by Likely Ransomware Attack

1
News

Spawn of Demonbot Attacks IoT Devices

2
News

Two Charged in ATO Attack on US Athletes

3
News

US Treasury: Paying Ransomware Gangs Could Violate Regulations

4
Blog

COVID-19 and Cybersecurity Staffing Shortages

5
News

Former Australian PM Talks Importance of Cyber Awareness

6
Webinar

Behind the Scenes of a Live DDoS and BOT Attack: Launch and Mitigation

1
Webinar

A Better Defense: Does Modern Security Fit With Modern Attacks?

2
Webinar

Achieving Compliance with the Cybersecurity Maturity Model Certification (CMMC)

3
Webinar

Web App and Portal Protection: Managing File Upload Security Threats

4
Webinar

The Remote Workplace: Managing the New Threat Landscape with ISO 27001

5
Webinar

Extended Threat Detection and Response: Critical Steps and a Critical System

6
Webinar

Does Phishing Prevention Require Better Technology, Detection or Strategy?

1
Online Summit

[On Demand] Infosecurity Magazine North America Online Summit - Fall 2020

2
Blog

Credential Stuffing: the Culprit of Recent Attacks

3
Opinion

Making Cybersecurity a Priority in the Boardroom

4
Online Summit

[On Demand] Infosecurity Magazine EMEA Online Summit - Autumn 2020

5
Blog

Repairing SQL Database Corruption with CHECKDB Repair? You Can Lose Your Data Forever

6
Opinion

Sleepwalking into a Cybersecurity Nightmare?