Paying ransomware demands could land you in hot water with the feds

by
Dan Goodin
from Ars Technica - All content on (#58PSX)
ransom-note-640x360.jpg

(credit: Aurich Lawson)

Businesses, governments, and organizations that are hit by crippling ransomware attacks now have a new worry to contend with-big fines from the US Department of Treasury in the event that they pay to recover their data.

Treasury Department officials made that guidance official in an advisory published on Thursday. It warns that payments made to specific entities or to any entity in certain countries-specifically, those with a designated sanctions nexus"-could subject the payer to financial penalties levied by the Office of Foreign Assets Control, or OFAC.

The prohibition applies not only to the group that is infected but also to any companies or contractors the hacked group's security or insurance engages with, including those who provide insurance, digital forensics, and incident response, as well as all financial services that help facilitate or process ransom payments.

Read 10 remaining paragraphs | Comments

index?i=0-XE6ot7CUM:TllBpQB5h5g:V_sGLiPB index?i=0-XE6ot7CUM:TllBpQB5h5g:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments