Paying Ransomware Demands Could Lead To Federal Fines For Victim And Insurer Alike

 Tuesday, October 20, 2020

 Risk & Insurance

Companies hit with ransomware cyber attacks are facing a new threat — retaliation from the federal government.

The Treasury Department’s Office of Foreign Assets Control (OFAC) issued a new advisory stating businesses that pay ransomware demands could be met with penalties.

The Treasury Department says paying cyber attackers enables criminal activity and breaks sanctions with dangerous adversaries. The advisory specifically named Cuba, the Crimea region of Ukraine, Iran, North Korea and Syria.

“Ransomware payments made to sanctioned persons or to comprehensively sanctioned jurisdictions could be used to fund activities adverse to the national security and foreign policy objectives of the United States,” the advisory reads. “Ransomware payments may also embolden cyber actors to engage in future attacks.”
Excess & Surplus Lines