Don’t pay the ransom, or else…

Cases of ransomware are multiplying like weeds, unfortunately using our expensive cryptos as a bargaining chip. The Office of Foreign Assets Control (OFAC) warns that somehow facilitating the payment of these ransoms can lead to prosecution.

Ransoms are becoming more and more widespread.

In the United States, the OFAC is the department responsible for the control of foreign assets. In a recent publication, it warns of ransomware, malicious software that locks down data and computer systems by encrypting them.

In exchange for a ransom – payable in Bitcoins (BTC) or Moneros (XMR) most of the time – hackers give a key or decryption software. The targets? Various financial institutions, insurance companies, or even large companies such as Argentina’s main telecom operator or the whisky maker Jack Daniel’s.

According to FBI data cited by the OFAC, there would be a 37% annual increase in ransomware cases, as well as a 147% increase in losses associated with these ransom demands, between 2018 and 2019.
Stuck between the ransomers and the OFAC

The OFAC does not joke about organizations on its „blacklist“ that are considered threats to U.S. security:

„ransom payments made to sanctioned individuals or jurisdictions subject to comprehensive sanctions could be used to fund activities contrary to U.S. national security and foreign policy objectives. Ransom payments may also encourage hackers to repeat their attacks further.

The OFAC can impose civil penalties for violations of these provisions on blacklisted organizations. This is true even if the payment is made without knowing that the ransom is being sent to an organization prohibited from trading by the OFAC.

This is particularly relevant for financial services that can facilitate the processing of ransom payments, such as cryptographic exchange platforms. These companies must ensure that they comply with FOCA sanctions.

The FOCA also encourages victims to contact its services before considering any ransom payment.

As if the worries posed by a ransomware attack were not enough, the victim and his or her potential supporters must also ensure that they do not violate U.S. sanctions and embargoes. All the more reason to be more vigilant, so as not to let your network be infected by this type of malware.