OFAC imposes financial penalties for paying ransomware ransoms
In an official statement, the Office of Foreign Assets Control (OFAC), part of the US Department of the Treasury, has highlighted the risks of sanctions associated with payments for ransomware ransom, related to malicious activities in the field of cybersecurity.
OFAC explains that ransomware cyberattacks have increased during the COVID-19 pandemic, primarily targeting the systems that Americans depend on to continue doing business. As a result of this situation, the Treasury Department has imposed economic sanctions, both on individuals and on cybercriminals, freezing all the properties and interests of these people and classifying any transaction with them as a crime.
A person subject to U.S. jurisdiction can be held civilly liable, even if he did not know or had reason to know that he was participating in a transaction with an OFAC sanctioned person or entity, since he did not know or could not knowing who the payment will be made does not exempt from the penalty.
References:
- 01/10/2020 home.treasury.gov Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments1
- 01/10/2020 krebsonsecurity.com Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam
- 01/10/2020 unaaldia.hispasec.com El Departamento del Tesoro de EE.UU. avisa: Las víctimas de ransomware que paguen rescates pueden ser sancionadas