Warning: If you pay ransomware, the US Dept of Treasury may fine you

Topic

New Reply

Dan Goodin at Ars Technica has a great review of the latest US Treasury Department advisory: Businesses, governments, and organizations that are hit b
[See the full post at: Warning: If you pay ransomware, the US Dept of Treasury may fine you]

Reply | Quote

Replies

This suggests the US Dept of Treasury is connected to the people behind the ransomware.

Byte me!

1 user thanked author for this post.

Mr. Austin

Reply | Quote

That’s a remarkably strange conclusion. If the treasury was conspiring with the bad guys wouldn’t payment be encouraged rather than discouraged?

Reply | Quote

That would make it too obvious.

Byte me!

Reply | Quote

? says:

or maybe these guys:

https://en.wikipedia.org/wiki/Office_of_Foreign_Assets_Control

could pay the “fine,” money to these guys:

https://www.dhs.gov/topic/cybersecurity

and nip the schemes in the bud(s)?

Reply | Quote

I imagine it probably is based on the same principle as trying to block people from paying other ransom or extortion payments?

Reply | Quote

Does this thread assume that the “US Dept of Treasury” has jurisdiction over the entire world, and not just that part of it which is the US?

BATcher

Plethora means a lot to me.

2 users thanked author for this post.

GarthP, Fred

Reply | Quote

No. The articles and advisory refer to “U.S. persons” (anywhere in the world).

Reply | Quote

And, in the USA, “persons” includes “private companies.”

So, BATcher: reading the article one gets the impression that this is a ban directed especially at businesses, so if you are wondering whether to pay that ransomware or not, because of the grimacing skull sitting on those cross bones against a pulsating blood-red background now decorating you home computer’s monitor screen, I would think that maybe paying might not inevitably bring down on your head the full fury of the US government. But one never knows. Does the country where you live have an extradition treaty with the USA?

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

? says:

Oscar,

i got the grimacing skull and x-bones with pulsating red  davey jones backdrop back in ’04 on my brand new XP. burned it down and started over. too bad after all this time and misery all the king’s horses and all the king’s men haven’t been able to stop the madness…

Reply | Quote

Sounds 100% correct but unless every country does the same and everybody sticks to the advice much like scams, ransomware is here to stay.

Alternating offline back-ups may help people comply.

Reply | Quote

OscarCP wrote:

Does the country where you live have an extradition

We have the “International Criminal Court(ICC)” in The Hague,
is that what you mean?
https://internationaledag.nl/en/organisaties/international-criminal-court-icc/

* _ ... _ *

Reply | Quote

The United States did not join the International Criminal Court.

1 user thanked author for this post.

Fred

Reply | Quote

Frank, I was explaining to BATcher one should make sure if one’s country of residence does have or not an extradition treaty with the USA, so one (BATcher, let’s say) can(or cannot not) be extradited there and sent to Guantanamo, if said one dares pay the kidnappers their ransom money, besides meeting any other demands they might care to make. That’s all.

And thanks, Douglas, I was going to mention that about the ICCJ, but you spared me the effort.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

Douglas wrote:

The United States did not join the International Criminal Court.

Yes @Douglas I know. I only wanted to point out that this is a action made by a single country, the usa, instead of to unite forces to try to tackle the ransom problem together and by the roots. Like the joined and internationally recently dismantled pgp-encryted telephonenetworks and computer-servers. All over the world many organisations and governments too are hit by these ransomcrooks, including schools universities hospitals townhalls ministeries and individuals. Many of them in all the countries did payof to get their very valuable data back; and then(!) organised better (I hope) their computerdata defenses. Years ago Interpol started to organise and bundle their policeforces trying to tackle this ransom evil, inwith France and Germany took the initiative. Even individuals can be helped by them. Giving penalties for genuinly  getting data back is quite peculiar, isn’t it?

* _ ... _ *

Reply | Quote

BATcher wrote:

Does this thread assume that the “US Dept of Treasury” has jurisdiction over the entire world, and not just that part of it which is the US?

apparently (what’s new?)

* _ ... _ *

Reply | Quote

I know a podiatrist with a large practice.  About six months ago, the practice was hit with ransomeware.  The backup of all the files was on the same computer network as the one infected by ransomeware.  Their (now fired) computer consultants not only put the backup on the same network as the original, but also also advised them to pay the ransomeware.

They paid the ransomeware, but the criminals did not correct the damage.

Believe it or not, the practice had no other backup of all their medical files.  Can you imagine the cost of restoring everything?

Albert Einstein was right (in one of my favorite quotes):

The difference between stupidity and genius is that genius has its limits.

 

6 users thanked author for this post.

wavy, GarthP, OscarCP, Microfix, SueW, Fred

Reply | Quote

This podiatrist should have been working in Canada , all his files would have been paper folders in a filing cabinet in Canada “medically” paper files are the latest thing.

Bob Forrest

Reply | Quote

@ MVP’s e.a. It can be very enlightening to read this very recent article published by the Interpol Police. This might broadens the outlook and opinion on the matter of Ransomware. The article contains a link to the download of the original .pdf file (10MB).

1. https://www.europol.europa.eu/activities-services/main-reports/internet-organised-crime-threat-assessment-iocta-2020

* _ ... _ *

Reply | Quote

another addition, that makes one very sad :
https://www.infosecurity-magazine.com/news/software-ag-datastealing/
instead of imposing fines and running a race, the nations should work together to solve this

A major German enterprise software company has become the latest tech name to suffer a likely ransomware attack featuring information theft.

IoT Software AG, which claims to have over 10,000 customers and annual revenue exceeding €800m, revealed the news in a brief update late last week.

Moderator Note: please add a precis for linked articles so users can decide if they wish to visit the site. Precis added.

* _ ... _ *

Reply | Quote