OFAC Publication of Ransomware Advisory
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has issued an advisory to alert companies that engage with victims of ransomware attacks of the potential sanctions risks for facilitating ransomware payments, which can be found here.
As defined by OFAC, ransomeware is a form of malicious software (malware) designed to block access to a computer system or data, often by encrypting data or programs on information technology systems to extort ransom payments from victims. Individuals who resort to these attacks often hold sensitive information from the systems that they have accessed and threaten to expose the information in addition to continually locking the rightful owner out of the system. According to the Federal Bureau of Investigation (FBI), these attacks have become more frequent and pervasive as there has been a reported increase by 37% between 2018 and 2019. These attacks typically target large companies but have also been known to victimize smaller businesses, governmental agencies, hospitals and school districts.
This advisory highlights OFAC’s designations of malicious cyber actors and those who facilitate ransomware transactions under its cyber-related sanctions program. Mitigating a ransomware attack is very cumbersome because of the high likelihood that the attacker or their affiliates are individuals blocked by OFAC. OFAC holds sanction violators to strict liability so the major point of this advisory is to outline how individuals faced with a ransomware attack can best handle the issue while avoiding committing a violation.
It identifies U.S. government resources for reporting ransomware attacks and provides information on the factors OFAC generally considers when determining an appropriate enforcement response to an apparent violation, such as the existence, nature, and adequacy of a sanctions compliance program. The advisory also encourages financial institutions and other companies that engage with victims of ransomware attacks to report such attacks to and fully cooperate with law enforcement, as these will be considered significant mitigating factors.
Information provided by the U.S. Treasury Department's Office of Foreign Assets and Control.
Have questions related to anything you've read above? Feel free to connect with us using the Contact form at the bottom of the Home page.