On 1 October, OFAC issued an Advisory on potential sanctions risks for facilitating ransomware payments, to highlight the sanctions risks associated with ransomware payments related to malicious cyber-enabled activities. OFAC has designated numerous malicious cyber actors under its cyber-related sanctions program and other sanctions programmes, including perpetrators of ransomware attacks and those who facilitate ransomware transactions. It has imposed, and will continue to impose, sanctions on these actors and others who materially assist, sponsor, or provide financial, material, or technological support for these activities. The Advisory warns that facilitating a ransomware payment that is demanded as a result of malicious cyber activities may enable criminals and adversaries with a sanctions nexus to profit and advance their illicit aims and, in any case, paying a ransom to cyber actors does not guarantee that the victim will regain access to its stolen data. It warns that making a payment may breach OFAC sanctions, and that licence applications from those wishing to make ransomware payments demanded as a result of malicious cyber-enabled activities will be reviewed by OFAC on a case-by-case basis with a presumption of denial.
I had left off this link (as it did not seem to generate much interest!), but it seemed time to add it again and say that, if you would like to make a (polite) gesture and help me with my removal and computer costs, I have a page at https://www.buymeacoffee.com/KoIvM842y