OFAC Imposes New Sanctions To Thwart Ransomware – Technology

/in


On September 21, 2021, the US Treasury Department’s Office
of Foreign Assets Control (“OFAC”) levied its first
sanctions against a Russian-operated virtual currency exchange
involved in ransomware payments and published an updated advisory
on sanctions risks for ransomware payments. At the same time,
Deputy Secretary of the Treasury Wally Adeyemo was careful to
underscore that “the vast majority of activity that’s
happening in the virtual currencies is legitimate activity.”
The actions form part of what the Treasury Department described as
a whole-of-government effort targeting ransomware networks and
certain foreign virtual currency exchanges – those that are
either illicit or operate at the edges of legality – that
support them. In a ransomware attack, a cyber actor uses malware to
encrypt the data on a victim’s computer system and only
decrypts it if the victim pays a ransom, usually in
cryptocurrency.

OFAC targeted only one, Russian-operated virtual currency
exchange, but its action signals a broader focus on intermediary
parties that launder ransom payments or otherwise facilitate
ransomware attacks. The September 21, 2021 advisory (the “Updated
Advisory”) expands on the guidance provided in its October 2020
predecessor about OFAC’s expectations of how victims and
others should act both before, during, and after an attack. All
companies, especially those in industries such as financial
services that are often targeted by ransomware attacks, and the
cybersecurity firms that help victims manage attacks, should review
the Updated Advisory and incorporate its guidance into their
ransomware planning.

New Sanctions and Updated Advisory on Cryptocurrency

US companies are generally prohibited from engaging in any
financial transactions with persons identified on OFAC’s
Specially Designated Nationals and Blocked Persons
(“SDN”) List, and with those located in certain
sanctioned countries or territories, including Cuba, Iran, and the
Crimea region of Ukraine. Non-US companies may also violate US
sanctions if they cause a US person to violate the sanctions
prohibitions. And, as OFAC indicates in the Updated Advisory, a
ransomware payment made…

Source…