In an advisory published Thursday, the Treasury Department warned that individuals or companies that facilitate payments to ransomware extortionists could be fined by the U.S. government.
Under its new guidelines, the Treasury Department said facilitating these payments could violate anti-money laundering and sanctions regulations in cases where a group of hackers is either sanctioned by the U.S. Treasury or has ties to a cybercrime group that is sanctioned.
Huge fines of up to $20 million could be incurred by firms or people that facilitate these payments.
“Demand for ransomware payments has increased during the COVID-19 pandemic as cyber actors target online systems that U.S. persons rely on to continue conducting business,” said the Treasury’s Office of Foreign Assets Control (OFAC).
“Companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations.”
The penalty could be handed down even if the company or individual was unaware that it was engaging or transacting with a sanctioned entity. Before deciding to make any sort of payment, ransomware victims are urged to contact OFAC.
“OFAC encourages victims and those involved with addressing ransomware attacks to contact OFAC immediately if they believe a request for a ransomware payment may involve a sanctions nexus,” the agency said.