FOLLOW US

Thu

July 9, 2026

Business October 19, 2020 5 mins read

Is it legal to pay ransomware ransoms?

Business ı By Jackie Allen

0 Comments

ransomware sanctions

Ransomware attacks have become more sophisticated and widespread, affecting almost everyone from large corporations, small and medium-sized businesses, government agencies, non-profit organizations, hospital systems to individual consumers. Once a computer network or system is infected by ransomware, cybercriminals encrypt the victim's files and demand a ransom in exchange for a decryption key. Victims often have no choice but to pay ransomware ransoms to regain access to their files. Is it legal to pay ransomware ransoms to hackers?

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) recently issued an advisory regarding ransomware payments. There has been very little mention or analysis of the ‘Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments.” This is surprising since the document questions the legality of paying ransomware ransoms.

According to the advisory, there are “sanctions risks associated with ransomware payments related to malicious cyber-enabled activities.”

This means that companies that help or facilitate ransomware ransoms to cybercriminals are at-risk of violating the OFAC regulations. This puts the victims of an attack, as well as, “financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response,” in the crosshairs of possible US sanctions or at-risk of a “sanctions nexus.”

Background of Ransomware Attacks 

Ransomware is malicious software or malware which attacks a computer network to shut down access to the computer system and/or the data until a ransom is paid. Ransomware is usually spread through phishing emails or when a cybercriminal gets employee login information.

Cybercriminals target companies, institutions, and other online systems that people rely on to continue conducting business.

According to the Federal Bureau of Investigation's (FBI) 2018 and 2019 Internet Crime Reports, ransomware cases increased by 37%  and there was a “147 percent annual increase in associated losses" during those years.  And in 2020, ransomware attacks have also dramatically increased during the COVID-19 pandemic. 

Wanted by the US for Cybercrimes

OFAC maintains a Specially Designated Nationals and Blocked Persons List (SDN List), which details blocked persons, country, and regional embargos. This includes numerous cybercrime groups and parts of the world including, “Cuba, the Crimea region of Ukraine, Iran, North Korea, and Syria.” 

Since 2013, OFAC has designated many malicious cyber actors including those committing ransomware attacks, using its “cyber-related sanctions program and other sanctions programs.”

Examples include Russia-based and state-sponsored Evgeniy Mikhailovich Bogachev, who developed the Cryptolocker ransomware used to infect 117,000 computers in the United States between 2013 and 2016. Bogachev goes by the online monikers of “lucky12345” and “Slavik” and is wanted by the FBI. There is a $5 million reward for his capture.

The SamSam ransomware started being used in 2015 to 2018 to target many governmental institutions, large cities, like Atlanta, Georgia, and big companies.  OFAC sanctioned two Iranian nationals suspected of working on behalf of Iran for providing material support of ransomware attacks.

The North Korean Lazarus Group also known as the Hidden Cobra uses the WannaCry 2.0 ransomware. They may employ as many as 6,000 hackers and have been linked to 300,000 computer attacks in 150 countries. They are also suspected of the 2020 attacks targeting the cryptocurrency vertical. 

Russian state-sponsored Evil Corp is a “cybercriminal organization, which used the Dridex malware to infect computers and harvest login credentials from hundreds of banks and financial institutions in over 40 countries, causing more than $100 million in thefts.”

The FBI is offering a $5 million reward for information to locate Evil Corp and their leader, Russian-based  Maksim V. Yakubets, who the government says went by the nicknames “aqua,” and “aquamo.”  OFAC has imposed sanctions on these actors and “will continue to impose, sanctions on these actors and others who materially assist, sponsor, or provide financial, material, or technological support for these activities.”

Also on the SDN list are 5 China-based international hackers known as Apt41. This hacking group is allegedly responsible for computer crimes including intellectual property  (IP) theft, ransomware attacks, and crypto-jacking that impacted over 100 companies, organizations, and individuals in the United States and other countries.

Last month, the U.S. government filed charges against seven international hackers who are suspected to be members of Apt41. Two of the defendants are citizens of  Malaysia and five were citizens of the People’s Republic of China (PRC), where they currently reside. They are also suspected to be connected to the Chinese Ministry of State Security. 

Facilitating ransomware ransoms may violate OFAC regulations 

This advisory highlights OFAC’s designations of malicious cyber actors and those who facilitate ransomware transactions under its cyber-related sanctions program.

Through the International Emergency Economic Powers Act (IEEPA) or the Trading with the Enemy Act (TWEA), U.S. citizens are prohibited from engaging in transactions, with individuals or entities on OFAC’s SDN list.

Sanctions compliance programs of any company that is attacked by ransomware should consider the possibility that ransomware payments may involve a person on the SDN list or an embargoed jurisdiction.

The advisory strongly suggests any company paying ransomware demands or any entity facilitating a ransomware ransoms on their behalf should consider their obligations under the Financial Crimes Enforcement Network (FinCEN) regulations. 

“OFAC will also consider a company’s self-initiated, timely, and complete report of a ransomware attack to law enforcement to be a significant mitigating factor in determining an appropriate enforcement outcome if the situation is later determined to have a sanctions nexus.” the advisory recommends. 

----------------------------------------

Have a story you want USA Herald to cover? Submit a tip here and if we think it's newsworthy, we'll follow up on it.

Want to contribute a story? We also accept article submissions – check out our writer's guidelines here.

Previous Article

FTC sued Critical Resolution Mediation, another debt collection scam

Read More
3213 Posts

Jackie Allen

Jackie is a freelance journalist and technology geek. She worked as a telecom project director for AT&T and BellSouth. Before joining the USA Herald she has written books, articles, blogs and whitepapers. Her clients include Samsung and other technology companies.

Discussion

No comments yet. Be the first to join the discussion!

Don’t Miss It
Arizona January 11, 2025
Kelly Warner Law Firm Blames USA…

In what appears as a desperate attempt to defend multiple…

By – USA Herald
Arizona January 4, 2025
Aaron Kelly Law Firm Resorts To…

Attorney Aaron Kelly and his law partner Daniel Warner are…

By – Jeff Watterson
Arizona December 12, 2024
Arizona Bar Opens Investigation on Attorney…

USA Herald recently reported on a developing story involving Attorneys…

By – Paul O'Neal
America July 4, 2026
Man Killed, Three Family Members Injured…

A man was killed and three family members were injured…

By – Rihem Akkouche
America July 4, 2026
Three Dead, Seven Rescued After Boat…

Three people died and seven others were rescued Friday after…

By – Rihem Akkouche
America July 4, 2026
Independence Day Parade in Washington DC…

Organizers of Saturday’s Independence Day parade in Washington DC abruptly…

By – Rihem Akkouche
America July 4, 2026
Beach Closures Expand Across Long Island…

Beach Closures were spread across parts of New York just…

By – Jackie Allen
America July 3, 2026
Mars Rover Images Lead to Debates…

A new Mars Rover image captured by NASA’s Curiosity mission…

By – Jackie Allen
America July 3, 2026
Best Buy’s Massive 4th of July…

The 4th of July is upon us, and Best Buy…

By – Rihem Akkouche
America July 3, 2026
Best Buy’s Massive 4th of July…

The 4th of July is upon us, and Best Buy…

By – Rihem Akkouche
America July 3, 2026
America’s 250th Birthday: Essential Flag Etiquette…

As the United States prepares to celebrate its 250th anniversary…

By – Rihem Akkouche
America July 3, 2026
Taylor Swift and Travis Kelce’s Star-Studded…

Taylor Swift and Travis Kelce’s highly anticipated wedding is finally…

By – Rihem Akkouche
America July 3, 2026
Two Dead, One Injured in Chaotic…

A shooting altercation between two groups of young people at…

By – Rachel Moore
America July 3, 2026
AI Isn’t Killing Tech Jobs —…

If you work in tech, artificial intelligence might not be…

By – Rachel Moore
America July 3, 2026
Michigan Lawmakers Finally Pass $75 Billion…

Michigan lawmakers worked overnight to pass a $75 billion bipartisan…

By – Rachel Moore
America July 3, 2026
16 Children Rescued From Ohio Home…

16 Children have been rescued from what Ohio authorities describe…

By – Jackie Allen
America July 2, 2026
Taylor Swift Wedding Reports Claim Private…

Taylor Swift Wedding speculation intensified after reports claimed that pop…

By – Jackie Allen
America July 2, 2026
JonBenét Ramsey Case Returns to Spotlight…

JonBenét Ramsey is once again making headlines as Netflix prepares…

By – Jackie Allen
America July 1, 2026
NASA Opportunity Rover Image of Strange…

The NASA Opportunity Rover has once again sparked fascination after…

By – Jackie Allen
America June 30, 2026
Reflecting Pool Becomes Political as Biden…

The Reflecting Pool at the Lincoln Memorial has become the…

By – Jackie Allen
America June 29, 2026
Stonewall Riots: An Uprising That Changed…

The Stonewall Riots marked one of the most significant turning…

By – Jackie Allen
Arizona July 2, 2026
The Nancy Guthrie Mystery Deepens As…

The search for 84-year-old Nancy Guthrie continues to command national…

By – Tyler Brooks
Arizona June 30, 2026
What the Upcoming Supreme Court Ruling…

The landscape of American democracy is bracing for a major…

By – Tyler Brooks
America June 29, 2026
U.S. Holiday Week Heatwave is Here;…

If you’re out of sunblock, it’s time to stock up.…

By – Macie LaCau
America June 29, 2026
Stonewall Riots: An Uprising That Changed…

The Stonewall Riots marked one of the most significant turning…

By – Jackie Allen
America June 27, 2026
Strait of Hormuz Conflict Escalates as…

The Strait of Hormuz remains one of the world’s most…

By – Jackie Allen
America June 27, 2026
Confidential Sources at Center of Catherine…

Confidential sources are once again at the center of a…

By – Jackie Allen
America July 3, 2026
Federal Judge Sends Bad Bunny Reggaeton…

INSIDE THIS REPORT A federal judge denied summary judgment to…

By – Samuel Lopez
America July 3, 2026
Mike Rowe Sues Discovery for $2…

Inside This Report Mike Rowe is suing Discovery, claiming the…

By – Samuel Lopez
America July 3, 2026
7-Eleven Sues Nike Over Alleged Air…

INSIDE THIS REPORT Nike faces a federal trademark lawsuit over…

By – Samuel Lopez
America July 3, 2026
Avi Loeb’s UAP Council Promises Proof—But…

Inside This Report Unresolved UAP cases are not proof of…

By – Samuel Lopez
Business July 3, 2026
Matthias Bernard, Sofitel GM, Sued in…

A federal-and-state, seven-figure premises-liability action names the Sofitel Barcelona Skipper…

By – Rochdi Rais
America July 3, 2026
NASA Launches Swift Rescue Mission –…

Inside This Report A three-armed robotic spacecraft named LINK launched…

By – Samuel Lopez
Health July 2, 2026
The Hidden Science Behind Why Your…

For millions of people, the first conscious act of the…

By – Tyler Brooks
Health July 2, 2026
The High Cost of the Infinite…

A significant legal chapter is closing for one of the…

By – Tyler Brooks
Health July 2, 2026
Kentucky Medicaid Alert How The Upcoming…

A significant change is arriving for thousands of Kentucky residents…

By – Tyler Brooks
Health June 29, 2026
Everything You Need to Know About…

As the calendar turns to July 1, residents of Georgia…

By – Tyler Brooks
Breaking News June 26, 2026
Trump Seeks $1.4 Billion as Congo…

The Trump Ebola funding request would provide more than $1.4…

By – Michallie Harrison
Health June 25, 2026
Temperatures in France were higher than…

The images coming out of Europe this week are nothing…

By – Tyler Brooks
High Profile Court Cases July 2, 2026
Justice Served as Former NFL Scout…

The Nashville courtroom fell silent this Wednesday as a jury…

By – Tyler Brooks
Sports June 26, 2026
USMNT Lost to Turkey at 90+8.…

Kaan Ayhan’s goal came in the 90th minute, plus eight.…

By – Nicolas Carreno
Entertainment June 25, 2026
Tears, Goals, and the Siuuu: IShowSpeed’s…

The 2026 FIFA World Cup has been a rollercoaster of…

By – Tyler Brooks
America June 22, 2026
World Cup History Made as Lionel…

World Cup history was made Monday afternoon in Arlington, Texas,…

By – Jackie Allen
America June 22, 2026
Lionel Messi, at 39, Shatters All-Time…

Lionel Messi has done it again. The Argentine superstar etched…

By – Rihem Akkouche
Pennsylvania June 22, 2026
Will a Massive Storm Derail the…

The 2026 FIFA World Cup is already delivering unforgettable moments…

By – Tyler Brooks

No posts found.

No posts found.

Signup for the USA Herald
exclusive Newsletter