Paying a Ransomware Ransom Might Lead to Big Fines…


October 9, 2020

Your day couldn’t be going worse. Someone in the office clicked on a link they shouldn’t have. Now the entire network is compromised with ransomware. Your cybersecurity hygiene practices weren’t the best to begin with. You haven’t been doing what you should be doing. Your data wasn’t backed up, and you can’t restore your endpoints. The only option left is to pay the attacker’s ransom and unlock your data. Things couldn’t get worse, right?

Boy howdy would you ever be wrong! According to a recent press release from the Department of the Treasury, you might be required to pay a hefty fine if the attacker is located in a country under economic sanctions from the United States government.

The release, dated October 1st and issued by the Treasury’s Office of Foreign Assets Control (OFAC), states that if you’re paying a ransom to unlock your files, you’re aiding the attackers financially and, as a result, liable to face the same sanctions as the would-be attacker.

(Read the release HERE)

How’s it work?

Okay, so, as you may or may not already know, the Feds put economic sanctions on foreign governments that don’t play nicely with the United States. Russia and Iran, to name a couple, both have economic sanctions levied against them. Companies that do business directly with those governments are fined large sums of money. You know…unless they contribute to a re-election campaign or two.

What can you do to protect yourself?

There are a lot of things you can do to protect yourself from a ransomware attack. Here are a few suggestions:

  • Protect your devices with a next-gen endpoint protection product – Traditional endpoint protection products rely on outdated means of detection (like looking for specific signatures). Newer products like Blackberry Protect (formerly Cylance) use machine learning and artificial intelligence to determine whether software that’s trying to run on your machine is hazardous.
  • Protect your email inbox – Where something like Blackberry Protect will safeguard your endpoint, applying services like those from Area1 or Cyren can protect your email inbox as well. Emails containing malicious links are a primary cause of ransomware infection. Services like Area1 and Cyren scan your inbox for those nefarious links before someone can click on them, and either let the user know not to or stop them from doing so altogether.
  • Cybersecurity awareness training – This should be a no-brainer for people, but it’s often overlooked almost entirely. Adequate security awareness training is often the first, and potentially the BEST, line of defense a company has against a cyberattack. A well-educated workforce is more likely to notice something like a social engineering attack before it has a chance to harm your business. You, your coworkers, or your employees have a much better chance at stopping a ransomware infestation if you know firsthand what to look for.

Are you really at risk of paying a fine?

That’s tough to say. OFAC means business. There’s not much the Fed likes more than roasting somebody over the coals for cold hard cash. The problem, usually, is they don’t know where to look and almost rely on some sort of messed up “honor” system, like a company making public disclosure of an attack before they swoop in like a big vulture to pick over their bones.

I don’t honestly know how they’d exactly figure out you’ve paid a fine to a cyberattacker, especially since most payments are made in Bitcoin (or some other cryptocurrency) and they’ve had a difficult time tracking those transactions and have yet to admit any cryptocurrency is a monetary unit.

Ultimately, it’s better to be safe than sorry, and anytime you can avoid paying a ransom or a fine, you should probably do so.

It’s also worth noting the brief doesn’t indicate how much someone might have to pay if it’s determined they’re liable for violating any economic sanctions. Is it another toothless piece of legislation or legal flotsam? Could be. Is it worth not protecting your sensitive and valuable data? No.


Carl Keyser is the Content Manager at Integris.
