Companies about to be sanctioned by the Government in case they pay cyber-ransom

Ransomware attacks experience unprecedented rise. In 2015, Russian Evil Corp harvested login credentials from hundreds of banks and financial institutions in over 40 countries and robbed around $100 million.

In May 2017, a North Korean ransomware known as WannaCry 2.0 infected approximately 300,000 computers in at least 150 countries. In December 2020, likely-Russian SolarWinds sophisticated hack led to an estimated $90,000,000 insured losses.


To stem the tide of ransomware, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has issued an advisory to highlight the sanctions risks associated with ransomware payments related to malicious cyber-enabled activities. From there, companies and third parties that assist the victim company in paying the ransom will be subject to sanctions to discourage them from making the payment. In addition to the ransomware victime, It encompasses banks that grant the loan, insurance companies that insure the ransom, and consulting companies and lawyers that assist with forensics and payment.


The obvious reason is to discourage payment. The more companies accept payment, the more they encourage illegal ransomware, in the same way that when you use drugs you encourage drug dealers.


In Canada, every company should have a plan to protect against ransomware. This includes as much employee training as having business and IT recovery plans as well as sound tested back ups. Assume that IT will get down in your company and plan for recovery.


Every industry is targeted. In case of ransomware, contact immediately your Information Security Team. The CISO should then get in touch with the Canadian Centre for Cyber Security and Law enforcement agencies.


Sources:


https://home.treasury.gov/system/files/126/ofac_ransomware_advisory_10012020_1.pdf

https://cyber.gc.ca/en/guidance/ransomware-how-prevent-and-recover-itsap00099

Posts récents

Voir tout