Do you know that ransomware payments made by victims carry a sanctions risk?

Ransomware attacks have been increasing in number compared to previous years. Contrary to the common expectation, small and medium-sized entities can face such cases alongside multinational companies and financial institutions.

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory to alert companies to the potential sanctions risk of facilitating ransomware payments.

As mentioned in the advisory, “OFAC has imposed, and will continue to impose, sanctions on these actors and others who materially assist, sponsor, or provide financial, material, or technological support for these activities.” and “In particular, the sanctions compliance programs of these companies should account for the risk that a ransomware payment may involve an SDN or blocked person, or a comprehensively embargoed jurisdiction. Companies involved in facilitating ransomware payments on behalf of victims should also consider whether they have regulatory obligations under Financial Crimes Enforcement Network (FinCEN) regulations.”

Ransomware victims are requested to act in cooperation with the relevant authorized parties. A license application can also be made to OFAC in the case of a ransomware payment.

Think more than twice about the security of your data. We must not forget that ransomware cases involve more than a data problem: the party behind such a crime could be listed under primary or secondary sanctions, or could be from a jurisdiction subject to sanctions. Therefore, any transaction you make unwillingly to rescue your data may become a sanctions case as well.

Abdurrahman ÖZBEK
