Ransomware and Trade Sanctions

 

What do #ransomware and #sanctions have to do with each other? A lot. On October 1, the US Dept. of the Treasure’s Office of Foreign Asset Control (#ofac) issued an advisory to let companies know that facilitating payments of ransomware NOT ONLY encourage future demands but may also risk violating OFAC regulations.

For example, Cryptolocker developer Evgeniy Mikhaulovish Bogachev was designated as a specially designated national (SDN). SamSam ransomware developers in Iran were sanctioned. Wannacry ransomware was linked to North Korea’s Lazarus Group and was similarly sanctioned. And starting in 2015 Evil Corp a cybercrime organization based in Russia was sanctions along with its leader, Maksim Yakubets, for the development of Dridex malware.

Bottom line - it has actually never been just about the data, but it is more clear than ever that US regulators are looking closely at the long - term incentives for criminal activity and how payments can fund sanctioned activities. Beware!

 
Other posts you might be interested in...
Data Protection vs Information Security
Data Protection vs Information Security
Perspective on ESG
Perspective on ESG
ESG and the Girl Scouts
ESG and the Girl Scouts
Starting an ESG Journey
Starting an ESG Journey
Forced Labor and Stevia
Forced Labor and Stevia
Isn't ESG Just For Big Companies?
Isn't ESG Just For Big Companies?
Ransomware and Trade Sanctions
Ransomware and Trade Sanctions
ESG and the Compliance Profession
ESG and the Compliance Profession
Privacy, Politics or Paranoia?
Privacy, Politics or Paranoia?
Is ESG a Pandemic Casualty?
Is ESG a Pandemic Casualty?
governance and esgLisa Beth Lentiniprivacy, ransomware, data