Last month, the U.S. government filed charges against seven international hackers who are suspected of being members of APT41. Two of the defendants are citizens of Malaysia and five are citizens of the People’s Republic of China (PRC), where they currently reside. They are also suspected of being connected to the Chinese Ministry of State Security.
Facilitating ransomware payments may violate OFAC regulations
This advisory highlights OFAC’s designations of malicious cyber actors and those who facilitate ransomware transactions under its cyber-related sanctions program.
Under the International Emergency Economic Powers Act (IEEPA) or the Trading with the Enemy Act (TWEA), U.S. citizens are prohibited from engaging in transactions with individuals or entities on OFAC’s SDN list.
Sanctions compliance programs of any company that is attacked by ransomware should consider the possibility that ransomware payments may involve a person on the SDN list or an embargoed jurisdiction.
The advisory strongly suggests that any company paying ransomware demands, or any entity facilitating ransomware payments on its behalf, should consider its obligations under the Financial Crimes Enforcement Network (FinCEN) regulations.