OFAC echoes many key points from the previous advisory, such as the fact that a company facilitating ransomware payments on behalf of a victim – including cryptocurrency exchanges – may violate OFAC regulations. While OFAC stops short of banning all payments, they offer three key updates in this advisory: discouraging ransom payments, prevention, and reporting.
In an effort to increase reporting, OFAC has clarified that if a company reports the incident to law enforcement and fully cooperates with them, as well as takes meaningful steps to improve their cybersecurity, OFAC will consider this to be a mitigating factor and sanctions violations involving ransomware attacks will likely be resolved with non-public responses, such as No Action Letters or Cautionary Letters, which do not carry monetary penalties.
In addition to releasing the updated advisory, OFAC announced that Over The Counter (OTC) broker Suex was designated to Executive Order 13694 and added to the Specially Designated Nationals and Blocked Persons (SDN) List, thereby prohibiting Americans from doing business with the company. The designation included a number of digital currency addresses as identifiers.
These designations mean that if a ransomware victim chooses to pay the ransom, they risk making a payment to a designated malicious cyber actor and engaging in a sanctions violation.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now