The DOJ and the Department of Homeland Security ("DHS"), along with other federal partners, launched a new website - StopRansomware.gov - to combat the threat of ransomware. The website is a one-stop hub aimed at assisting private and public organizations to mitigate ransomware risk. The website contains resources that (i) explain what ransomware is, (ii) help visitors determine whether they have been hit by ransomware, and (iii) aid visitors in protecting themselves against ransomware attacks.
The initiative is intended to decrease the fragmentation of resources on ransomware attacks by offering "clear guidance" as to how such attacks should be reported and by providing the most recent ransomware-related alerts and threats from government agencies. The website includes resources from DHS's Cybersecurity and Infrastructure Security Agency, the U.S. Secret Service, the Federal Bureau of Investigation, the Department of Commerce's National Institute of Standards and Technology, and the Departments of the Treasury and Health and Human Services.
Commentary Steven Lofchie
In October of last year, FinCEN and OFAC warned financial institutions of the legal risks that firms took on by making ransomware payments; e.g., violations of OFAC sanctions regulations. Since then there have been a number of significant ransomware incidents where the U.S. Government implicitly consented to firms paying ransomware. The new site seems to take a much softer attitude towards firms paying ransom, cautioning that the payment of ransom is no assurance that a firm's data will be restored.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.