(Reuters) – Facilitating ransomware payments to sanctioned hackers may be illegal, the US Treasury said on Thursday, signaling a strong counterweight to the fast-growing market for consultants helping organizations pay for cybercriminals.
In a couple of councils, the Treasury & # 39 ;s Office of Foreign Assets Control and its Economic Crime Control Network warned that facilitators could be prosecuted even if they or the victims did not know that the hackers demanding redemption were subject to U.S. sanctions. .
Ransomware works by encrypting computers, holding a company's data hostage until a payment is made. Organizations have often imposed redemption to release their data.
"It's a game changer," says Alon Gal, chief technology officer at Hudson Rock, which works to ward off ransomware attacks before they occur.
Before companies could decide whether to pay for cybercriminals, he said. Now that these decisions are being monitored by the government, "we will see a much tougher handling of these incidents."
The Supervisory Network's advice also warned that cybersecurity companies may need to register as money services companies if they help to ransomware. payments. It would introduce a new reporting requirement on a previously slightly regulated corner of the cyber security industry.
Ransomware has become an increasingly visible threat in the United States and abroad. Cybercriminals have long used the software to loot their victims. Some countries, especially North Korea, are also accused of using ransomware to make money. Catalog