Security News > 2020 > October > Companies that facilitate ransomware payments risk violating US sanctions

Companies that ransomware-hit US organizations hire to facilitate ransom payments risk breaking US sanctions and running afoul of the US Department of the Treasury's Office of Foreign Assets Control (OFAC) regulations, and may end up paying millions in fines.
"Ransomware payments made to sanctioned persons or to comprehensively sanctioned jurisdictions could be used to fund activities adverse to the national security and foreign policy objectives of the United States. Ransomware payments may also embolden cyber actors to engage in future attacks. In addition, paying a ransom to cyber actors does not guarantee that the victim will regain access to its stolen data," the OFAC explained.
"OFAC encourages victims and those involved with addressing ransomware attacks to contact OFAC immediately if they believe a request for a ransomware payment may involve a sanctions nexus. Victims should also contact the US Department of the Treasury's Office of Cybersecurity and Critical Infrastructure Protection if an attack involves a US financial institution or may cause significant disruption to a firm's ability to perform critical financial services."
It won't matter whether the companies knew that the ransomware gangs involved are from countries under US sanctions or are under sanctions themselves.
"OFAC may impose civil penalties for sanctions violations based on strict liability, meaning that a person subject to US jurisdiction may be held civilly liable even if it did not know or have reason to know it was engaging in a transaction with a person that is prohibited under sanctions laws and regulations administered by OFAC," the advisory pointed out.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/-tSr4uvGQNU/