US government imposing fines for those companies paying ransomware

[NotATether]

This policy is stupid on so many levels, first of all what happens to a small business that gets hit with operarations-crippling ransomware and they are forced to pay a large ransom just to stay in business? Then they have to endure another (potentially large) fine just for paying to stay in business? This policy is ironically punishing victims instead of the perpetrators.

And what happens to state government offices and federal agencies that get ransomed, why do these somehow get a free pass? It's not like these have never been hacked with ransomware before.

Third this policy's sanctions are meaningless as they can't be pinpointed to a definite person, group or organization. Think about it, how are you supposed to enforce not trading when the other party is vaguely defined legally as "ransomware cybercriminals"?

Do you see the fallacy in trying to impose sanctions on such a legal entity?

[1714602035]

1714602035

[1714602035]

1714602035

[1714602035]

1714602035

[Harlot]

This policy is stupid on so many levels, first of all what happens to a small business that gets hit with operarations-crippling ransomware and they are forced to pay a large ransom just to stay in business? Then they have to endure another (potentially large) fine just for paying to stay in business? This policy is ironically punishing victims instead of the perpetrators.

And what happens to state government offices and federal agencies that get ransomed, why do these somehow get a free pass? It's not like these have never been hacked with ransomware before.

Third this policy's sanctions are meaningless as they can't be pinpointed to a definite person, group or organization. Think about it, how are you supposed to enforce not trading when the other party is vaguely defined legally as "ransomware cybercriminals"?

Do you see the fallacy in trying to impose sanctions on such a legal entity?

They aren't stopping the payment of the ransomware but they are gonna fine companies who will be handling the victim's money to transfer Bitcoin to the scammers/hackers like what I have mentioned in my previous post here. Also it's their money and I don't think the US government has the right to stop them especially if there business is on the line. But to think about paying money on your system which has been already corrupted by a ransomware do you really think it's worth it? Because even if you pay you there is no guarantee that you will be hit back again or what you will receive will be clean.

[malevolent]

Also it's their money and I don't think the US government has the right to stop them especially if there business is on the line.

Any country that enforces sanctions it has issued is likely to go after anyone found to be in violation of the sanctions, otherwise why bother issuing them in the first place?

Because even if you pay you there is no guarantee that you will be hit back again or what you will receive will be clean.

If there's no backup (or it doesn't work...), or the criminal is threatening to release the information publicly in their unencrypted form, there's enough of an incentive to pay if the encrypted data hold any value.