Who are ransomware attackers?
Ransomware attackers are difficult to identify because they often mask their IP addresses to retain the anonymity necessary to perpetrate attacks. Through tracking and investigations, law enforcement agencies have been able to identify some ransomware attackers as individuals on the dark web or terrorist groups.
Once identified, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) can impose sanctions that prevent ransom payments from being made to nefarious cyber criminals who pose a threat to individual and national safety and security. You should always be aware of the pros and cons of paying the ransom before deciding how to recover your files.
It is often speculated that ransomware attackers reside in countries where they can evade prosecution.
By reporting a ransomware attack, you can help law enforcement agencies identify, investigate and prosecute the cyber criminals who perpetrate ransomware attacks.