CISA issues proposed rules for cyber incident reporting in critical infrastructure
Posted in Cybersecurity, GeneralTag archives: ransomware
Posted in Cybersecurity, GeneralRare recovery in a complex ransomware case: Major NetWalker arrest leads to significant asset seizure
Norton Rose Fulbright Canada’s cyber litigation team recently obtained an order in favour of an insurer, granting it relief from forfeiture in respect of more than 11 bitcoins from the assets seized from a prolific ransomware gang.[1] This case was the first of its kind and confirms an insurer’s ability to seek recovery for losses … Continue reading
Who gets to decide to pay the ransom in a ransomware attack?
Posted in Cybersecurity, Data breach, Ransomware
The onslaught of ransomware attacks since the pandemic began has not slowed. Organizations have been faced with the task of continuously reviewing their cybersecurity programs to ensure they are following best practices to protect against ransomware groups. But organizations also need to be prepared to respond to such an attack if their cybersecurity practices are … Continue reading
US HHS OCR issues cyber extortion newsletter
Posted in Regulatory response
This week, the US Department of Health and Human Services HHS Office for Civil Rights published a January 2018 newsletter focusing on cyber extortion.… Continue reading
“But the emails” – companies’ SEC filings reflect ransomware risks
Posted in Compliance and risk management, Data breachThe Equifax breach will likely devour the entire breach news cycle in the near term, given the size of the incident and that it gets to the essence of the company’s business of maintaining some of the most sensitive consumer information. Still, in what for the moment might seem like a more pedestrian risk, companies … Continue reading
New Global Cyberattack Affects Businesses, Government, and Infrastructure
A new strain of malware began infecting computer systems across the globe on Tuesday. Similar to the WannaCry ransomware that struck last month, the malware used in this week’s attack spreads quickly across multiple computers on a network, encrypting files and displaying a ransom note that requests $300 worth of bitcoin for a decryption key. … Continue reading
WannaCry Ransomware Attack Summary
In this post, we summarize key facts regarding the WannaCry ransomware attack, provide an abbreviated list of known affected companies, and offer an overview of the legal issues and the response to the attack. This post is an update to our prior coverage of WannaCry.… Continue reading
Large Ransomware Attack Affects Companies in Over 70 Countries
A large-scale ransomware attack began impacting companies and hospitals across the United States, Europe, and Asia early Friday morning. According to reports, companies in more than 70 countries have reported incidents as of Friday afternoon. The attacks are being caused by ransomware called “WannaCry,” which quickly moves across systems to encrypt large amounts of computer … Continue reading
FTC Enforcement Possible for Failing to Guard Against Ransomware
Recent comments by FTC Chairwoman Edith Ramirez suggest that a company’s failure to take preventative measures to address ransomware could result in an enforcement action by the FTC, even if a company is never actually subject to a ransomware attack. The Chairwoman’s comments reflect a growing concern among US government agencies regarding ransomware and may … Continue reading
Your Money or Your PHI: New Guidance on Ransomware
On June 12, 2016, the HHS Office of Civil Rights (OCR) released guidance, entitled “FACT SHEET: Ransomware and HIPAA,” in response to the rising number of ransomware attacks perpetrated against healthcare entities. The guidance addresses Health Insurance Portability and Accountability Act (HIPAA) issues that may arise when medical records containing Protected Health Information (PHI) are compromised … Continue reading
Ransomware Incident Response – Prevention, Readiness and Strategy
Last week, the Hollywood Presbyterian Medical Center was able to successfully negotiate the release of a collection of system resources and data files that had been encrypted and held hostage by ransomware attackers. Ransomware is a peculiar type of malware that is not designed or intended to steal personal or confidential information. Rather, ransomware is … Continue reading
