As ransomware-related payments surged toward $600 million in the first half of 2021, the U.S. government knew it needed to do more to fight back against cyber criminals.
For many years, the Treasury’s Office of Foreign Assets Control (OFAC) had a Specially Designated Nationals and Blocked Persons List (SDN List for people or organizations acting against the national security, foreign policy and sanctions policy objectives of the United States).
But since 2021, the U.S. Department of Justice (DOJ) has upped the ante to tackle the growing problem. After all, most of the attacks were on government bodies, educational institutions and health care organizations.
This post will explore how the DOJ has been cracking down and reflect on how the tighter stance has impacted ransomware groups.
What is the U.S. Government Doing to Stop Ransomware Attacks?
In September 2021, OFAC announced its intent to take a stronger stance against sanctioned ransomware groups. The updated advisory makes it clear the U.S. government:
Discourages all private organizations and citizens from paying extortion demands to ransomware groups
Asserts that paying the ransom may advance the group’s illicit goals — with more funding, hackers could target national security objectives
Warns companies may face civil penalties for paying ransoms.
In May 2022, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) formed the Joint Ransomware Task Force (JRTF) to tackle the growing threat of ransomware gangs. The DOJ also announced government fighting against ransomware
