Update: OFAC Advice on Ransomware Payments

Written by
Russell Greenwald

Go Back

As Ransomware attacks continue their prevalence through the year, multiple industries are changing their approach to handling incoming threats.

Insource has previously written about the benefits of cyber liability insurance, a type of insurance policy that can protect and minimize the impact of ransomware upon your organization’s finance. However, as the number of attacks has increased, the way most organizations deal with ransomware has had to change – and the OFAC Advice on Ransomware has changed, too.

Current advice posits that the best protection right now is good security posture, as paying the attackers their ransom can no longer be relied upon as a long-term solution.

The official stance from the U.S. government has also changed. Last month, an update from the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) described potential sanctions against those who facilitate ransomware payments.

The statement highlighted that, as the demand for ransomware payments has increased during the COVID-19 pandemic, those who pay the ransomware attackers could be seen as encouraging the use of future attacks, and will risk violating OFAC regulations.

The OFAC encourages victims of ransomware attacks to get in contact immediately if they believe a payment request may involve a sanctions nexus, if an attack involves a U.S. financial institution, or if the attack is likely to cause significant disruption to an organization’s ability to perform critical financial services.

The full statement on the OFAC advice on ransomware can be found here.

Insource is dedicated to providing important cybersecurity updates through our blog and social channels, so be sure to follow us, and keep an eye out for new content and updates.

Follow us here:




If you’d like to discuss any of the above or would like us to help make sure your organization is as protected as it can be, get in touch with Insource today. We can help put systems in place that mitigate the risks associated with ransomware and many other potential threats.

Email us at insource@insourceservices.com, or call on (781) 235-1490.