S&C Critical Insights – Treasury Department Advisories on Ransomware AttacksNovember 13, 2020
In this episode of S&C’s Critical Insights podcast series, Nicky Friedlander, co-head of S&C’s Cybersecurity Practice, and Eric Kadel, co-head of the Firm’s Economic Sanctions and Financial Crime practice, are joined by associate Trevor Chenoweth to discuss two recent Treasury Department advisories on payments made in connection with ransomware attacks.
Nicky and Eric provide an overview of ransomware, malicious software used by cybercriminals to encrypt computer systems and data until a demand for ransom is paid. They explain the new advisories issued by the Financial Crimes Enforcement Network concerning the need for financial institutions to detect and report ransomware payments, and by the Office of Foreign Assets Control concerning the risks of transacting with sanctioned parties in connection with ransomware attacks. Nicky and Eric explore why both agencies have released these advisories, what banks should do if they know a requested payment will be made in connection with a ransomware attack, and potential future enforcement in this area.