The U.S. Department of Treasury & # 39 ;s Office of Foreign Assets Control issued an updated guidance Wednesday on potential sanction risks to facilitate ransomware payments, stating that it will consider reporting ransomware attacks to government agencies to enforce its policy.
The guidance is essentially the same as the one issued by OFAC in October to warn that the US government "strongly discourages" all private companies and citizens from paying redemption or extortion claims.
Another section, entitled "Cooperation with OFAC and law enforcement," says another factor it will consider in its enforcement guidelines is to report ransomware attacks to appropriate authorities, including whether a manifest violation of US sanctions is voluntarily disclosed. . ”
In these cases, it would be "more likely" to issue a "Non-public response", such as a letter "No action" or "Warning", the new guide said.