Pub15-2020-2021-Issue5

WWW.NEBANKERS.ORG 12 OFAC Guidance on Ransomware Payments On Oct. 1, 2020, the Office of Foreign Asset Control (OFAC) issued guidance on the payment of ransoms for victims of ransomware to recover from an attack. The guidance reminds everyone that payments for ransomware can go to support nation-state actors, terrorist groups and organized crime. The Evolution of Ransomware Ransomware has existed for many years now. One of the first instances of encryption malware can be traced to the PC Cyborg virus in 1989 . And the ransom payment for the decryp - tion process began in 2005 and continued in several different strains. But, in 2011, cryptocurrencies began to emerge which allowed for global payments outside of the traditional banking processes. The rise of Bitcoin and other cryptocurrencies led to a rise in the ransomware attacks because the payment of the ransom could be conducted with relative ease and anonymity. The general response to ransomware by companies has been greater IT security and multiple backups to enable re- covery from ransomware in a relatively short period of time. Offline backups have become particularly important because COUNSELOR’S CORNER Bob Kardell, Attorney, Baird Holm LLP and Halle Hayhurst, Law Student and Summer Associate, Baird Holm LLP they should be insulated from encryption malware and can help companies recover without having to pay a ransom to the attackers. The response from companies has been so good though, ransomware attackers have turned to a different method of attack – extortion. Several groups of ransomware attackers now exfiltrate information from networks before the encryption process begins. The exfiltration of the data allowed the attackers to capture, review, and threaten exposure of potentially sensi- tive data even if the company were able to recover from the encryption attack by using their offline backups. Bitcoin Used by Terrorists Over the past year there have been many reports of gov - ernment seizures of cryptocurrency which were being used by terrorist groups. In August the Department of Justice (DOJ) announced the largest seizure of terrorist organizations crypto currency assets. The seizure was part of an investiga- tion into three different terrorists’ networks: the al-Qassam Brigades, al-Qaida, and Islamic State of Iraq and the Levant (ISIS). Each of the organizations was using crypto- currency to solicit donations from around the world and to move money and pay assets around the world. In September, the French police arrested 29 people tied to cryptocurrency transactions designed to finance Islamist extremists. In January 2020 the MIT Technology Review reported that criminals had laundered about $2.8 Billion through the use of Bitcoin in 2019. And Advanced Persistent Threat actors (APT32) was re- cently caught deploying cyber espionage software along with cryptocurrency miner software. The rise of cryptocurrency has allowed millions of dollars to move around the globe outside of traditional financial mar - kets. Bitcoin accounts for only 0.04% of the world’s money, but it is roughly worth $106 Billion dollars . Although the per- centage of total money is small, the amount of money that can be moved outside the purview of traditional banking is quite substantive. Criminal groups, nation-state actors, and terror- ists have all seen the possibilities of moving money outside of the traditional market to hide the source, nature, destination and use of the money.