Ransomware Advisory – Ransomware Attacks Are On The Rise!

November 5, 2020 | By: Scott Lard

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) recently issued an advisory which highlighted the sanctions risks associated with ransomware payments related to malicious cyber-enabled activities. Throughout the COVID-19 pandemic, cyber criminals have increasingly targeting essential online systems which citizens of the US rely on. As a result, the OFAC advisory states, “Companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations.”

Here we’ll discuss what that means for business owners and how to protect your business comprehensively in relation to both ransomware attacks and the sanctions risks associated with ransomware payments.

Ransome Ware Attacks Are On The Rise

Ransomware is a type of malware, or malicious software, that is designed to block admin or user access to databases, applications, or entire systems. The goal is to extort victims for ransom payments in exchange for the restoration of their data and/or systems. Ransomware achieves this goal by encrypting data and IT systems to lock out owners of the systems entirely. In addition, ransomware attacks often involve threats of public disclosure of victims’ private data and sensitive information. The ransom payment is usually demanded via digital currency in exchange for a decryption key to restore systems. In some cases, systems and data are not recovered even after a ransom payment has been made.

Ransomware attacks are dangerous and on the rise. According to stats provided in the OFAC advisory, the Federal Bureau of Investigation’s 2018/2019 Internet Crime Reports reveal a startling 37% annual increase in reported ransomware cases as well as a 147% annual increase in associated losses. Although many of these attacks are made against large corporations, small- and medium-sized businesses are key targets for cyber criminals. This means organizations, businesses, and services such as government agencies, hospitals, school districts, and other essential US online systems are at risk of ransomware attacks.

Important Takeaways from the Advisory

So how does this advisory affect businesses like yours? The key message provided by the OFAC in this advisory is that if ransomware payments are made to sanctioned parties or jurisdictions, where the transaction involves a US jurisdictional nexus, there are potential OFAC sanctions risks and the paying victim and any third-parties who helped to enable the payment are subject to civil liability.

For businesses, this is a serious matter, as ransomware attacks are prevalent and unyielding. For many businesses, IT experts agree that it is not a matter of if your systems will fall victim to ransomware, it is a matter of when. And although the OFAC advisory recognizes the difficult circumstances ransomware victims face, it also serves as a reminder to victims and any third parties involved that they have sanctions compliance obligations with strict liability. That said, if business systems are left unprotected and experience ransomware attacks, business owners will be faced with the difficult decision of either losing all of their data and system functionality or paying the ransom and facing potentially dire OFAC consequences as a result.

Protect Your Business From A Ransomware Attack

What Business Owners Can Do

The OFAC will most likely be more concerned with victims and third parties who make ransomware payments multiple if not hundreds of times to a single ransomware group, but it’s still important for all business owners to understand that OFAC compliance and liability are serious matters. To avoid difficult and damaging consequences of both ransomware attacks and OFAC compliance violations, there are a few steps business owners can take.

Although it has yet to be determined how the OFAC will respond to victims who make ransomware payments, the advisory makes it clear that compliance to the guidelines provided are essential. It seems that businesses who follow OFAC guidance are less likely to experience an enforcement response. These compliance guidelines include enacting sanctions compliance programs, reporting ransomware attacks, and fully cooperating with law enforcement via a “self-initiated, timely, and complete” report during and after an attack. Refer to the advisory for more details on these and other important guidelines.

Ransomware Protection

The biggest thing that businesses can do to avoid both ransomware attacks and OFAC liability is to enact protections to prevent ransomware and comprehensive backup solutions to invest in solid partnerships that ensure your business never has to choose between paying a ransom and facing OFAC enforcement or losing valuable system data and functionality.

Good Ransomware protection should help prevent attacks like ransomware offers by offering essential IT services and solutions, 24/7 monitoring to help identify signs of attacks before they can wreak havoc on your system as well as an intelligent and advanced BDR, or backup disaster and recovery, solution to help restore systems in the event of an attack. A bullet-proof backup and recovery system ensures that if your business is ever faced with ransomware, you will not have to make ransomware payments because your system and data will have already been properly backed up and saved for restoration whenever you need it. This helps give business owners peace of mind in relation to both the effects of ransomware attacks and potential OFAC liability concerns.

 

WANT TO DISCUSS WITH AN IS&T REP?
Contact us today to discuss your new projects!