Technology

Ransomware victims find themselves between a rock and a hard place

Ransomware victims find themselves between a rock and a hard place

In case there is any confusion, the United States wants to remind everyone that law is law.

No one can transact with sanctioned entities, the Treasury Department warned in an advisory on Thursday. The Office of Foreign Assets Control, or OFAC, specifically called out ransomware victims for possible sanctions violations, a first for the federal agency.

The bulletin “officially alerts businesses,” said Dmitri Alperovitch, co-founder of Silverado Policy Accelerator, a group of experts on security issues. The former chief technology officer for CrowdStrike, a cybersecurity company, described the action as “a significant opportunity for victims, incident response companies and payment facilitation companies”, warning them that their behavior could be criminal.

To recover locked data, companies affected by ransomware often have no choice but to comply with extortion demands from hackers, although doing so in no way guarantees data recovery.

Many organizations prefer to pay rather than stay or risk going under.

No organization is immune from ransomware breaches, and the business landscape is replete with examples of companies giving in to the demands of hackers. Cities and hospitals are, in fact, among them.

Reitinger, who was also an assistant deputy secretary of the Department of Homeland Security, fears that the strict rules of the Treasury could ignore the reality of the situation. Garmin ultra smooth

Several industry insiders told Fortune that the recent rule violation and a particularly egregious incident this summer involving GPS technology maker Garmin prompted the Treasury to issue its advisory.

After suffering a crippling ransomware attack in July, Garmin enlisted the services of an incident response company. Ultimately, the two are said to have paid a multi-million dollar ransom to a blacklisted Russian cybercriminal group. (Garmin declined to discuss the matter, and Arete did not respond to Fortune’s request for comment.)

The Garmin case is not unique. Hackers tend to target smaller companies with six-figure claims and larger businesses with seven- or eight-figure claims, Carmakal said.

The frequency of attacks appears to be increasing. Carmakal says his team is aware that more than 100 organizations are under attack this month alone, more than double what it was aware of last September.

The intent of the Treasury advisory “is positive,” Carmakal said, “but it will certainly add more pressure and complexity” to victims seeking to recover from such attacks.

So far, the Treasury has not prosecuted any ransomware victims, or industry partners who help make ransomware payments, for violating sanctions laws.

Ciaran Martin, former director of the UK’s National Cyber ​​Security Center, is one of the advocates for taking a tougher stance. To pay a ransom in the case of ransomware,” he said recently. the Royal United Services Institute, a British think tank focused on defense policy, according to Bloomberg.

The position is supported by some in the cybersecurity industry. The Treasury’s warning is “a much-needed step in the right direction,” said Brett Callow, a threat analyst at Emisoft, an anti-malware company that tracks ransomware.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *