In an effort to tamp down the ever-enlarging ransomware threat, the U.S. Department of the Treasury is taking a stiffer stance against companies, including cyber insurance providers, making or “facilitating” an extortion payment.
The department’s Office of Foreign Assets Control (OFAC) put out an updated advisory to underscore the possible sanctions associated with making ransomware payments and the violations that might arise when dealing directly with malicious actors.
The bulk of the advisory deals with facilitating payments, whether known or unknown, to individuals or entities on OFAC’s Specially Designated Nationals and Blocked Persons List, other blocked individuals, and those covered by comprehensive country or region embargoes such as Cuba, the Crimea region of Ukraine, Iran and North Korea. The risk of sanctions, which can result in civil penalties, also covers those facilitating…
