U.S. Treasury Warns Cyber Insurers Payments To Hackers May Violate Sanctions

By   ISBuzz Team
Writer , Information Security Buzz | Oct 04, 2020 06:07 am PST

As reported by Reuters, cyber insurers and other financial institutions that facilitate payments to hackers to end cyberattacks risk running afoul of sanctions rules, the U.S. Treasury Department warned on Thursday.

The warnings, which referenced malicious programs known as ransomware, came in advisories from Treasury’s Office of Foreign Assets Control (OFAC)and Financial Crimes Enforcement Network (FinCEN).

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Jake Moore
Jake Moore , Global Cyber Security Advisor
October 4, 2020 2:06 pm

Using cyber insurance as a quick and easy get-out-of-jail-free-card to avoid ransomware is not the way we are going to win the fight against cybercrime. In fact, this sort of action actually encourages the criminal behaviour to continue and those at risk will never learn. If insurers continue to pay, demands will simply go up.

Insurance works well for a car or a home, but that’s because they are replaceable with no knock-on effect. Losing access to data can be damaging to everyone involved directly and indirectly. I cannot see cyber insurance working in the future in its current state. It indirectly funds cybercriminals to pursue their attacks further and it can leave companies feeling invincible.

I do feel for those stuck between a rock and a hard place, but we must act now to help reduce the ongoing battle between the industry and these persistent threats.

Last edited 3 years ago by Jake Moore

Recent Posts

Would love your thoughts, please comment.x