Cybersecurity » Damned If You Do, Damned If You Don’t

Damned If You Do, Damned If You Don’t


The Treasury Department’s Office of Foreign Assets Control maintains an official list of sanctioned entities and individuals so that U.S. companies will not unwittingly violate the Trading With The Enemy act. The list is notably short of known ransomware gangs. If such an operation makes the list, Americans are legally barred from paying ransom. The day after Russia invaded Ukraine, a gang called Conti proclaimed “full support of Russian government” on its dark web site, and pledged use of  “all possible resources to strike back at the critical infrastructures” of Russia’s opponents. Cooler-headed extortionists must have been alarmed by the pronouncement, because the next day Conti backed-off on official allegiance to Russia. Maybe that’s why it hasn’t been put on the OFAC sanctions list, but there are other good reasons. By imposing sanctions on such gangs, OFAC puts victimized businesses in a bind. If they pay, they have committed an illegal act. If they don’t pay they suffer disclosure of trade secrets or other sensitive information, or have to shut down altogether. It wouldn’t look good to send money to a group that proclaimed allegiance to Russia. Nevertheless, some American victims do pay ransom to Conti, through a Canadian intermediary called Cypfer. According to CEO Daniel Tobok, Cypher has paid Conti on behalf of about a dozen victims, more than a third of them American, since the war began. He said some of the companies would have had to lay off employees or shut down entirely if they hadn’t paid.

Get our free daily newsletter

Subscribe for the latest news and business legal developments.

Read this next

AI Vital To Cybersecurity and Cyber Criminals

SEC Complaint Against Company Filed by Ransomware Gang

The new Security and Exchange Commission’s (SEC’s) reporting rules require U.S.-listed companies […]

AI Executive Order Finally Released

The Recruiting Workflow: A Balance Between Technology and Humans

As Legal Operations professionals support their corporate legal departments with digital transformation […]

What to Do When Your Employees Are Using Chatbots

Making Digital Transformation a Core Competency in 2024

Every two or three years, the business world changes, and leaders are […]

Scroll to Top