Cybersecurity

We Don’t Negotiate

The United States government has been known to take a stand of ‘we don’t negotiate with terrorists’ when it comes to discussions of ransom. Whether this has 100% certainty to it can be argued in more ways than we care to discuss here.

What we do know for certain is that this week, the government took a stand when it came to another type of criminal behavior, and it was with the ransoms issued by hackers. On October 1, 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory with regard to “malicious cyber-enabled activities”.

A quick recap of ransomware. Hackers take over your computer or network through a variety of ways, most likely through a human error from clicking on a fraudulent email (phishing) or with compromised credentials. For example, using the same password for all of your accounts both personal and professional, and then having those credentials stolen and essentially providing access to your entire online history. Then they refuse to give you access to the network, device, or database until you pay a ransom.

But back to the advisory…

The advisory said that as the threat of ransomware increases along with the increase in criminal activity, meeting these demands only encourages this type of behavior. It also noted that this rise corresponds with the global pandemic of COVID-19.

But Wait, There’s More

Not only is the advisory against paying these ransoms to stop encouraging criminal behavior, but there is also mention of these being a threat to national security and illegal at that. How so?

Many foreign hacking agencies, groups, whatever you want to designate them as, are designated as OFAC sanctioned entities/actors. This means that “OFAC has imposed, and will continue to impose, sanctions on these actors and others who materially assist, sponsor, or provide financial, material, or technological support for these activities”.

Which in non-governmental speak means that if you pay these ransoms, you are enabling them (with funds) to “profit and advance their illicit arms”. In a way, you’re being viewed as having funded their efforts with your payment. And that, well, is illegal.

OFAC is encouraging victims to contact them immediately if they are on the receiving end of a ransomware attack. It is also recommended that you contact the U.S. Department of the Treasury’s Office of Cybersecurity and Critical Infrastructure Protection if the attack is on a United States financial institution.

There’s a lot to keep up with when it comes to cybercrime. It used to be that staying aware of the latest virus was enough, but that just isn’t the case anymore. This is a full-time job and it requires a partnership that can support you full time as a result. We can do that.