OFAC Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments
October 6th | 2020
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) recently issued an advisory to highlight the sanctions risks associated with ransomware payments related to malicious cyber-enabled activities. In fact, companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations. This advisory dovetails nicely with the webinar we recently co-hosted with Agio, where we noted that because of the COVID-19 pandemic, ransomware and other cyber-attacks are increasing as bad actors target online systems that we rely on to continue conducting business.