Russia Sanctions Complicate Paying Ransomware Hackers

The nearly nonstop series of new U.S. sanctions being levied in a bid to halt Russia’s war machine have complicated events for companies facing their own external threat: ransomware attacks.

The ever-lengthening lists of sanctioned entities pose risks to U.S. companies that want to pay to get their systems back online after an attack, experts said.

Ed McNicholas, co-leader of the cybersecurity practice at law firm Ropes & Gray LLP, said ensuring that ransomware payments aren’t going to sanctioned Russian entities has gotten “much harder” recently.

“The overlap of the rise of ransomware and then these pervasive sanctions against Russia has created quite a firestorm in terms of the ability to pay ransoms,” he said.

Traditionally, the list of entities under sanction has been mostly relevant to those in financial services, but recent surges in ransomware attacks have meant that cybersecurity experts have had to do their best to ensure ransom payments aren’t going to blacklisted entities.

The work of staying up to date has become more intense as the U.S. has steadily piled on sanctions, said Bill Siegel, the chief executive of Coveware Inc., which helps companies handle negotiations and other work associated with attempts at cyber extortion.

“With the war, it’s become incredibly dynamic where the entire landscape can shift or change when you wake up in the morning,” Mr. Siegel said. “There’s more sanctions happening every single day.”

Read the full story here.

4 views0 comments