Hi cyber friends:
In October 2020, OFAC issued the attached “Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments.”
It states: “Companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations.” Emphasis added.
Regarding violations for making payments to prohibited persons, the advisory states: “OFAC will also consider a company’s full and timely cooperation with law enforcement both during and after a ransomware attack to be a significant mitigating factor when evaluating a possible enforcement outcome.”
Regarding licensing, the advisory states: “Ransomware payments benefit illicit actors and can undermine the national security and foreign policy objectives of the United States. For this reason, license applications involving ransomware payments demanded as a result of malicious cyber-enabled activities will be reviewed by OFAC on a case-by-case basis with a presumption of denial.” Emphasis added.
We continue to monitor any developments on this important issue and will continue to keep you posted.