Making Ransomware Payments Can Get You In Legal Trouble

December 21, 2018

Written by wukovits

It’s no secret that ransomware attacks have been on the rise over the last couple of years. Many companies, desperate to get their files back, have resorted to simply paying the ransom and hoping the hackers act in good faith and keep their word where unlocking the files is concerned. That approach just got a lot more complicated, thanks to the OFAC (Office of Foreign Assets Control), which is a part of the Department of the Treasury.

In a recently unsealed grand jury indictment against a pair of Iranian hackers, we’ve learned that in addition to identifying the hackers by name, they’ve also been identified by their specific cryptocurrency wallet address.

Here’s why that matters:

The OFAC has added both hackers to the Specially Designated Nationals and Blocked Persons List. That means that US citizens and businesses are forbidden to do business with or conduct transactions of any kind with them, including sending ransom payments to their cryptocurrency addresses.

Since federal investigators are monitoring those wallets now, any ransom payments sent to them could easily be traced back to the person sending the funds. At that time, the sender would be subject to secondary sanctions and fines that would be far more than whatever the original ransom amount might have been.

Needless to say, this complicates things a great deal for companies hit by ransomware attacks and it makes it all the more important to have a strategy in place to recover your files if you are successfully attacked in this manner.

Failure to do so could be ruinously expensive.  In addition to suffering system downtime (which will cause your company to bleed red ink), and the funds lost paying the ransom, now you’ve got to worry about the federal government.  Not good.

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Update VMWare Software Immediately To Avoid Possible Attack

The US Cybersecurity and Infrastructure Security Agency recently issued a warning to all companies running VMware Vcenter Server and VMware Cloud Foundation. They are asking them to download and apply the latest security patches as soon as possible because attackers...

Send us a message

Your message was sent.