In 2020, the number of ransomware attacks has grown significantly. In addition to computers and mobile phones, we've begun to see internet-connected devices come under attack, including things as innocuous as coffee makers. All governments have always warned that paying these ransoms are dangerous for multiple reasons, from a likelihood that you won't get back what's been taken to the fact that you're paying criminals and encouraging it to happen again. In the United States, the guidance is changing, and it could become a crime to aide this criminal behavior.
In an advisory from the Treasury Department, it is stressed that transferring money to criminal enterprises, for any reason, is a crime. They point out that many of these groups are international, making the transaction an international wire funding fraud. In addition, the transfers could be going to groups or countries on blacklists, such as Iran, North Korea, or Cuba. The advisory states,
Facilitating a ransomware payment that is demanded as a result of malicious cyber activities may enable criminals and adversaries with a sanctions nexus to profit and advance their illicit aims. For example, ransomware payments made to sanctioned persons or to comprehensively sanctioned jurisdictions could be used to fund activities adverse to the national security and foreign policy objectives of the United States. Ransomware payments may also embolden cyber actors to engage in future attacks. In addition, paying a ransom to cyber actors does not guarantee that the victim will regain access to its stolen data.
The feds have been trying to get a handle on what's been going on with the ransomware space. With medical centers, research facilities, and more, all coming under attack, something has to be done to not only protect citizens but sensitive data, as well. While it is unlikely that the Treasury Department will act on this advisory with individuals, there is no doubt that they will act against large organizations that pay large fees to criminals.