Steps to Take After OFAC and FinCEN’s Warnings on Ransomware Payoffs

Two new Treasury Department advisories will complicate companies’ decisions about whether to pay extortionists who have paralyzed their systems with ransomware attacks. The OFAC advisory urges companies to diligently check that shadowy payees are not tied to sanctioned entities, while FinCEN is requesting a suspicious activity report on payoffs. The Cybersecurity Law Report discussed with lawyers and consultants from ACA Aponix, Drawbridge Partners, Hogan Lovells, Kivu Consulting, Lockton Companies and Morrison & Foerster the key aspects and impacts of the advisories for victims, financial institutions, cybersecurity vendors and insurers, and practical takeaways. See “Managing Ransomware’s Mutation Into a Public Data Breach” (May 6, 2020).

To read the full article

Continue reading your article with a CSLR subscription.