Treasury takes robust measures against ransomware

Financial Crimes Department of Treasury OFAC FinCEN Ransomware OFAC Sanctions OFAC Designations Of Interest to Non-US Persons

On September 21, the U.S. Treasury Department announced recent actions that are focused on confronting “criminal networks and virtual currency exchanges responsible for laundering ransoms, encouraging improved cyber security across the private sector, and increasing incident and ransomware payment reporting to U.S. government agencies, including both Treasury and law enforcement.” As part of its continuing actions to counter the increasing threat of ransomware, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against a virtual currency exchange, pursuant to Executive Order 13694, as amended, for its alleged role in providing material support to the threat posed by criminal ransomware actors. As a result of the sanctions, all transactions by U.S. persons or in the U.S. that involve any property or interests in property of designated or otherwise blocked persons are generally prohibited. Additionally, OFAC issued an updated advisory, which highlights “the sanctions risks associated with ransomware payments in connection with malicious cyber-enabled activities and the proactive steps companies can take to mitigate such risks, including actions that OFAC would consider to be ‘mitigating factors’ in any related enforcement action.” Treasury also noted that FinCEN has engaged with industry, law enforcement, and others regarding the ransomware threat through the FinCEN Exchange public-private partnership (covered by InfoBytes here).