
Wednesday, October 27, 2021

Is Paying Cyber Ransom a Crime?

 By Catherine Powell

As scary as it is to have hackers demand that you pay a cyber ransom or have your data destroyed, what's even scarier is that the act of paying up could put you in Dutch with federal law. As of October 2020, the US Department of Treasury's Office of Foreign Assets Control (OFAC) made it illegal to pay hackers a ransom. That's right, if you're found in violation of either the Trading With the Enemy Act or the International Emergency Economic Powers Act, you could face stiff penalties including fines and/or jail. What's even more alarming is that the very banks you do business with are required to file a Suspicious Activity Report should an individual or company be suspected of attempting to move funds of $5,000 or more that could potentially be used to pay hackers a ransom.

Why are the feds trying to punish the victims of cybercrime? Since 2010, the FBI has known that ransomware attacks in the US were taking place, although most of the initial victims were banking institutions. Then the game changed three years later. In 2013 alone, more than 150,000 computers owned by individuals and businesses in this country were infected with ransomware called Cryptolocker. Cryptolocker was even used in one case to force a police department in Massachusetts to cough up $750 to get one of their computers back in operation. Even though the average ransom demands were low ($300-$500 apiece), the losses totaled tens of millions of dollars. The FBI caught a break in the case when they eventually determined the developer of Cryptolocker was Evgeniy Mikhailovich Bogachev. However, they were unable to prosecute him because he was located in Russia, where they had no jurisdiction. To date, Evgeniy and his cyber gang are still at large.

Since that time, there have been many different variations of ransomware that have been used to bilk the public.  A new ransomware named SamSam reared its ugly head in 2015.  For the next three years, it was used to infect companies and government offices.  OFAC later revealed a pair of Iranians to be involved in funneling the proceeds of SamSam to the ring leaders.  Two years later, the aptly named WannaCry ransomware was unleashed on no fewer than 300,000 computers worldwide.  This attack was later attributed to the Lazarus Group, a hacking collective based in North Korea.

The reason the government doesn't want the public and companies to pay offshore cybercriminals is obvious. It doesn't want to support individuals, collectives, regimes, and/or countries on its sanctions list. Since sending funds to anyone on the list, or facilitating such payments, is already illegal, making the law apply to victims of cybercrime was seen as another way to stem the flow of funds to criminal enterprises. However, since victims of cybercrime have little choice in the matter unless they wish their data to be shredded, the move is tantamount to arresting a mugging victim while the mugger is still at large, on the grounds that the victim should have known they could be victimized. Whether the new law will prove to be constitutional is another matter. In the meantime, there are a few things you can do to keep from becoming a ransomware victim times two.

1. Keep all your software up to date. - The fastest way to let criminals in the door is to leave it unlocked.  If your software isn't kept up to date, there's a high probability that a known vulnerability can easily be exploited by hackers to gain access to your system.  

2. Back up your hard drive daily.  - This way if your computer is infected with ransomware, any capable IT professional will be able to help you reconfigure your system and recover lost data without having to give in to the hackers' demands.

3. Spend a few dollars more to make a hacker's job harder. - Invest in a virtual private network that will make it impossible for hackers to zero in on your IP address.  They'll also be forced to deal with the VPN's encryption algorithm if they hope to make sense of the data being transmitted by your device.

4. Eliminate dangerous browsing habits.  - If you, your family, or your employees don't employ safe web surfing habits, you're giving hackers the keys to the vault. That means stay off potentially perilous websites, don't fall for phishing and clickbait traps, and make sure you don't make it easy for the bad guys to compromise your devices.  Never accept or use someone else's thumb drive or USB stick.  These can easily be used to deliver a malware payload.  If you do use public Wi-Fi hotspots, make sure you employ a VPN, since hotspots are likely hotbeds of hacking activity.

5. If you do download apps or software, only use secure sites. - Make sure you and yours rely on trusted sites and avoid freeware that can contain unwanted digital hitchhikers with every download.  If any URL fails to begin with the letters https://, do not download software contained therein.  It's all too easy for hackers to create clones of known software purveyors in order to prey on unsuspecting web surfers.

6. If your device becomes infected with ransomware, immediately shut the device down and remove the battery.  Then take it to your nearest IT professional.  Doing anything else is just going to allow the malware to further infiltrate your device.

7. If you own a business, consider procuring cyber insurance. - Not only do many policies cover you for losses due to ransomware attacks, but they can also be instrumental in helping you mitigate any damage done to your network and liability caused by hackers.

Catherine Powell is the owner of A Plus All Florida, Insurance in Orange Park, Florida.  To find out more about saving money on all your insurance needs, check out her website at http://aplusallfloridainsuranceinc.com/


1 comment:

  1. Only our government makes it a crime when your business is violated by criminals!!!!! WT#$@%&
