The U.S. Department of Treasure released an advisory today highlighting that ransomware payments could violate their Office of Foreign Assets Control (OFAC) sanction controls. This advisory drastically changes the dynamic for how companies are managing ransomware response including the payment of ransoms directly or through third party negotiators.
This is an advisory that every CISO, corporate executive, and board of directors member needs to read and understand to prevent criminal liability.
DHS and the FBI shared a joint alert on December third regarding the critical infrastructure threat posed by the Iranian SamSam virus. The ultimate purpose of the virus is the successful intrusion and takeover of a network for the purpose of extorting a ransom (ransomware). The alert recommended strong passwords,