Treasury updates guidance on potential liability for paying off ransomware attackers

The Treasury Department has updated its guidance on legal risks associated with making payments to ransomware attackers, underscoring that such payouts pose a national security threat and offering details on what a company should do if it is targeted by such an attack.

“The U.S. government strongly discourages all private companies and citizens from paying ransom or extortion demands and recommends focusing on strengthening defensive and resilience measures to prevent and protect against ransomware attacks,” according to the Treasury Department....