viernes, 23 octubre 2020
Visitas totales a la web: 86116866

El portal de los profesionales de seguridad y emergencias

Nº 1 del mundo en español en seguridad global

Soluciones de seguridad global

Companies Facilitating Ransomware Payments Could Face Penalties

William Turton

Companies that assist victims of ransomware attacks in making payments to criminal hackers could face penalties, according to a new advisory from the U.S. Department of the Treasury.

The civil penalties would apply to those who assist in making ransom payments on behalf of victim companies or governments hacked by criminal groups that have been sanctioned by the Treasury Department. The new advisory, from the department’s Office of Foreign Assets Control, could fundamentally change the calculus for companies — and their advisers — after they’ve been infected with ransomware.

“Companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations,” the Treasury Department said in its new advisory.

Treasury officials didn’t respond to messages seeking comment.

Victims of ransomware attacks that make the payments aren’t specifically mentioned in the advisory as being subject to civil penalties for paying ransom. However, Treasury Department rules prohibit victims from paying ransom to sanctions entities. These rules haven’t changed. What’s changed in that the U.S. government threatened to start enforcing these rules, said Joshua Motte, chief executive officer of Coalition Inc., the cyber insurance company.

Ransomware is a type of malware that locks computers and blocks access to files in lieu of a payment. Companies targeted with ransomware must decide whether to pay the ransom, using via cryptocurrency, or find some other way to restore its files and rebuild its computer network. The attacks can be devastating, with the potential to bring company operations to a stop.

From 2018 to 2019, there was a 37% increase in reported ransomware cases and a 147% annual increase in associated losses, according to the FBI.

“The ransomware problem has blown up exponentially over the past two months,” said Charles Carmakal, senior vice president and chief technology officer at the cybersecurity company Mandiant. “Mandiant is aware of over 100 organizations in which ransomware operators had network access to in September alone, more than double what we were aware of in September of the previous year.”

Paying ransom to criminal groups has long existed within a legal gray area. The ransom, which can sometimes be in the millions, are often paid to organized criminal groups in Eastern Europe or Russia. While the FBI discourages paying ransom, the U.S. government hasn’t previously punished victims who pay the hackers’ demands.

The Treasury Department has issued sanctions on criminal ransomware groups, including last December against Russia-based Evil Corp. That group is suspected of being behind a ransomware attack on smartwatch maker Garmin Ltd. Sky News reported that the cybersecurity company Arete Incident Response, which is based in the U.S., allegedly paid a ransom to Evil Corp. on behalf of Garmin.

Arete didn’t respond to a request for comment.

The new advisory could create another headache for companies struck by ransomware — figuring out if the attackers have been sanctioned by the U.S. It is often difficult to conclusively prove who is behind a ransomware attack, thanks to the obfuscation provided by the internet and the fact that criminal ransomware groups are sometimes skilled hackers who can cover their tracks.

“The intention of the OFAC advisory is positive, but it will certainly add more pressure and complexity to victim organizations already challenged with protecting the confidentiality of their stolen customer data and recovering their business operations after a security incident,” Carmakal said. “The true identity of the cyber criminals extorting victims is usually not known, so it’s difficult for organizations to determine if they are unintentionally violating U.S. Treasury sanctions.”

According to the Treasury advisory, companies that notify law enforcement of ransomware attacks may decrease its risk in the event it ends up paying a sanctioned entity.

Fecha de publicaciónoctubre 02, 2020

BELT.ES no se hace responsable de las opiniones de los artículos reproducidos en nuestra Revista de Prensa, ni hace necesariamente suyas las opiniones y criterios expresados. La difusión de la información reproducida se realiza sin fines comerciales. 

Listado de Expertos

Recomendado

Profesión militar: Obediencia debida frente a la obligación de disentir

Con ocasión de la realización de estudios en el Instituto Universitario Gutiérrez Mellado tuve la ocasión de leer y analizar una serie de documentos de opinión que trataban en profundidad las diferentes facetas presentes en el campo de las relaciones cívico-militares; temas que , habitualmente, no han estado presentes en los diferentes cursos y actividades formativas en la enseñanza militar, ni, por supuesto, en la civil.

El paracaidista español que humilló a los «temibles» espías soviéticos

Joaquín Madolell, natural de Melilla y militar del Ejército del Aire, desarticuló la mayor red del espionaje...

Mascarillas falsas llenan tiendas y farmacias: cómo saber si la tuya lo es y qué riesgo tienen

Higiénicas, quirúrgicas, FFP... Estos términos hace dos meses no nos sonaban de casi nada a la mayor parte de los ciudadanos, y menos si nos decían que esto tenía algo que ver con mascarillas.

Últimas noticias

El Ejército quiere descongestionar Madrid y llevar bases a la España vaciada

Los planes para trasladar un regimiento a Zamora y otro a Burgos o crear un gran centro logístico tropiezan con la falta de financiación.

El Día de las Fuerzas Armadas 2020, que finalmente tuvo que suspenderse debido a la pandemia de coronavirus, estaba previsto el pasado 30 de mayo en Huesca. El Ministerio de Defensa eligió esta ciudad para exhibir el éxito de una operación sin precedentes: el traslado del Cuartel General de la División Castillejos desde Madrid al Prepirineo aragonés.<

Pilar Mañas, primera jefa de unidad del Aire, en el 12-O: “En el Ejército no hay techos de cristal”

Comandante del Ejército del Aire: "Este 12 de octubre estaremos ahí con todo. Es el día de la Fiesta Nacional y estaremos apoyando...

7 requisitos para que una mascarilla proteja una jornada laboral de 8 horas

Según la guía de buenas prácticas en los centros de trabajo, publicada por el Ministerio de Sanidad, “no es imprescindible usar mascarilla...

Detienen en España a John McAfee, el excéntrico millonario pionero de los antivirus

John McAfee, el creador del famoso antivirus que lleva su apellido, fue arrestado este fin de semana en la ciudad de Barcelona,...

DIRECTRICES DE BUENAS PRÁCTICAS EN CENTROS LOGÍSTICOS Y ALMACENES

En este documento se recoge una selección no exhaustiva de recomendaciones y medidas de contención adecuadas para garantizar la protección de la salud de los trabajadores frente a la exposición al coronavirus SARS-CoV-2 en los centros logísticos y almacenes. Con carácter más general deben considerarse también las recomendaciones para la vuelta al trabajo recogidas en el documento “Buenas prácticas en los centros de trabajo.