This means that companies that help or facilitate ransomware ransoms to cybercriminals are at-risk of violating the OFAC regulations. This puts the victims of an attack, as well as, “financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response,” in the crosshairs of possible US sanctions or at-risk of a “sanctions nexus.”
Background of Ransomware Attacks
Ransomware is malicious software or malware which attacks a computer network to shut down access to the computer system and/or the data until a ransom is paid. Ransomware is usually spread through phishing emails or when a cybercriminal gets employee login information.
Cybercriminals target companies, institutions, and other online systems that people rely on to continue conducting business.
According to the Federal Bureau of Investigation’s (FBI) 2018 and 2019 Internet Crime Reports, ransomware cases increased by 37% and there was a “147 percent annual increase in associated losses” during those years. And in 2020, ransomware attacks have also dramatically increased during the COVID-19 pandemic.
Wanted by the US for Cybercrimes
OFAC maintains a Specially Designated Nationals and Blocked Persons List (SDN List), which details blocked persons, country, and regional embargos. This includes numerous cybercrime groups and parts of the world including, “Cuba, the Crimea region of Ukraine, Iran, North Korea, and Syria.”
