skip to main content
X

Services

Technology, Risk & Compliance

Cyber attacks are more common than ever in our internet-driven world. Our approach to cybersecurity utilizes a 360° view that includes people, processes, and technology. 

DEPARTMENT OF TREASURY WARNS OF POSSIBLE FINES FOR RANSOMWARE PAYMENT

DEPARTMENT OF TREASURY WARNS OF POSSIBLE FINES FOR RANSOMWARE PAYMENT

The Department of the Treasury released an advisory (see full advisory here) to companies regarding potential fines for sending ransomware payments related to malicious cyber-enabled activities.

Ransomware is a form of malicious software (“malware”) designed to block a company’s access to their own computer system or data by cyber criminals encrypting data or programs. Once this is accomplished, these criminals will attempt to extort ransom payments to decrypt the information and restore the victim company access to their systems or data.

OFAC enforces sanctions based on U.S. foreign policy and national security goals
The Treasury’s Office of Foreign Assets Control (OFAC) administers and enforces economic and trade sanctions based on U.S. foreign policy and national security goals against targeted foreign countries and regimes, terrorists, and international narcotics traffickers.

Demand for ransomware payments has increased during the COVID-19 pandemic as cyber actors target online systems that U.S. persons rely on to continue conducting business. In the advisory, the Treasury Office makes it clear that if a ransomware payment is made to an entity that is on the OFAC list of sanctioned entities, those involved in facilitating the payment can face significant fines.

Protect your Bottom Line: If your company becomes the victim of a ransomware attack and is incapacitated, it is the responsibility of the victim company and/or third-party consulting firms assisting them to contact OFAC prior to facilitating any payments to cyber criminals.

If your company is unsure of your ability to recover from a ransomware attack, UHY Consulting can help you develop a proactive, comprehensive incident response plan that includes developing your backup strategy, enhancing your patch management, increasing your incident detection and response capabilities, and taking other necessary steps to help ensure your business can respond to and recover from a ransomware attack and avoid any OFAC fines.

HAVE A QUESTION?

Please complete this form to hear from one of our experienced cybersecurity professionals

 

Hide Firm Disclaimer

©2020 UHY LLP. ALL RIGHTS RESERVED.

UHY LLP is a licensed independent CPA firm that performs attest services in an alternative practice structure with UHY Advisors, Inc. and its subsidiary entities. UHY Advisors, Inc. provides tax and business consulting services through wholly owned subsidiary entities that operate under the name of "UHY Advisors." UHY Advisors, Inc. and its subsidiary entities are not licensed CPA firms. UHY LLP and UHY Advisors, Inc. are U.S. members of Urbach Hacker Young International Limited, a UK company, and form part of the international UHY network of legally independent accounting and consulting firms. "UHY" is the brand name for the UHY international network. Any services described herein are provided by UHY LLP and/or UHY Advisors (as the case may be) and not by UHY or any other member firm of UHY. Neither UHY nor any member of UHY has any liability for services provided by other members.

On this website, (i) the term "our firm", "we" and terms of similar import, denote the alternative practice structure conducted by UHY LLP and UHY Advisors, Inc. and its subsidiary entities, and (ii) the term "UHYI" denotes the UHY international network, in each case as more fully described in the preceding paragraph.