It has been reported that the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) is issuing this advisory to highlight the sanctions risks associated with ransomware payments related to malicious cyber-enabled activities. Demand for ransomware payments has increased during the COVID-19 pandemic as cyber actors target online systems that U.S. persons rely on to continue conducting business. Companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations. This advisory describes these sanctions risks and provides information for contacting relevant U.S. government agencies, including OFAC, if there is a reason to believe the cyber actor demanding ransomware payment may be sanctioned or otherwise have a sanctions nexus.
EXPERTS COMMENTS
Edgard Capdevielle, CEO, Nozomi Networks
October 04, 2020
Ransomware attacks are continuing to rise, and without a doubt the stakes are getting higher. These attacks are increasing in volume and sophistication and while it might be tempting to pay a ransom, doing so only fuels the fire. We are seeing more instances where the public and private sector respond to the pressure and pay the ransom. In addition to this week's OFAC advisory, Senators Warren and Wyden have both introduced separate bills that would hold corporate executives accountable if they fail to take cybersecurity seriously. Ransomware attacks and other cyberthreats will continue to remain constant as our personal lives and business operations continue to digitalise. That’s why choosing to pay a ransom is too often a short-sighted response that could come at a high cost. Research has shown that paying a ransom can double the cost of recovery. Building, maintaining and constantly improving an organisation’s cybersecurity program is always the best approach and there are certainly tools available today that provide cost-effective solutions. Fortunately, choosing to pay a ransom is not an approach we’ve seen corporate boards take in the industrial networking and critical infrastructure space. Paying a ransom can be a slippery slope - and even illegal in some cases as we now see with the OFAC advisory. Organisations that give in to hackers’ demands are only supporting the profitability and growth of ransomware activity. When it comes to ransomware attacks, prevention will always be better than a cure.
