The Treasury Department is also telling banks and cyber insurance companies to report any suspicious transactions involving ransomware payments to federal authorities.
(Rob Engelaar/AFP/Getty Images) If you pay off the hackers behind a ransomware attack, you could be violating US sanctions, according to the US Treasury Department. On Thursday, the department issued a five-page advisory about companies facilitating ransomware payments, and how doing so can violate US law. That’s because the US government has increasingly been sanctioning the hackers behind major cyber attacks to prevent businesses, such as banks, from supporting their activities. For example, the sanctions have targeted the North Korean hackers behind the WannaCry outbreak in 2017, the Iranians who allegedly developed the SamSam ransomware, and the Russian blamed for creating Dridex, a malware strain also capable of delivering ransomware. At the same time, the US has also sanctioned individual countries—including Iran, North Korea, Russia, and Syria—over national security concerns. As a result, making a ransomware payment to hackers based in the sanctioned countries could end up undermining US foreign policy objectives, the Treasury Department said.
