Cybersecurity » Damned If You Do, Damned If You Don’t

Damned If You Do, Damned If You Don’t


May 31, 2022

The Treasury Department’s Office of Foreign Assets Control maintains an official list of sanctioned entities and individuals so that U.S. companies will not unwittingly violate the Trading With The Enemy act. The list is notably short of known ransomware gangs. If such an operation makes the list, Americans are legally barred from paying ransom. The day after Russia invaded Ukraine, a gang called Conti proclaimed “full support of Russian government” on its dark web site, and pledged use of  “all possible resources to strike back at the critical infrastructures” of Russia’s opponents. Cooler-headed extortionists must have been alarmed by the pronouncement, because the next day Conti backed-off on official allegiance to Russia. Maybe that’s why it hasn’t been put on the OFAC sanctions list, but there are other good reasons. By imposing sanctions on such gangs, OFAC puts victimized businesses in a bind. If they pay, they have committed an illegal act. If they don’t pay they suffer disclosure of trade secrets or other sensitive information, or have to shut down altogether. It wouldn’t look good to send money to a group that proclaimed allegiance to Russia. Nevertheless, some American victims do pay ransom to Conti, through a Canadian intermediary called Cypfer. According to CEO Daniel Tobok, Cypher has paid Conti on behalf of about a dozen victims, more than a third of them American, since the war began. He said some of the companies would have had to lay off employees or shut down entirely if they hadn’t paid.

Share this post:

Find this article interesting?

Sign up for more with a complimentary subscription to Today’s General Counsel magazine.