Paying the ransom to hackers to resolve ransomware attacks has become more difficult as the U.S. continues to levy sanctions against Russia and Russian-associated entities, The Wall Street Journal reported April 28.
The lists of sanctioned entities are posing increasing risks to U.S. companies that want to pay to get their systems back online after an attack, according to experts, as ensuring that ransomware payments aren't going to sanctioned Russian entities has gotten "much harder" recently.
The surge in ransomware attacks means that cybersecurity experts have had to do their best to ensure ransom payments aren't going to blacklisted entities, but the work of staying up to date has become more intense. The U.S. has steadily piled on sanctions, especially with the ongoing war in Ukraine, meaning that the list changes frequently, with new sanctions being added every day.
U.S. law imposes strict liability on anyone or any company that makes a payment to a sanctioned entity, meaning anyone involved in facilitating a payment to a sanctioned entity can be found liable for violating the law.
So far, U.S. enforcers haven't publicly targeted a company for making a ransomware payment to a sanctioned entity, but several experts have said some kind of enforcement activity is likely, according to the report.