On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (“CISA”) published a Notice of Proposed Rulemaking for the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”), which imposes new reporting requirements for entities operating in critical infrastructure
ransomware
Rare recovery in a complex ransomware case: Major NetWalker arrest leads to significant asset seizure
Norton Rose Fulbright Canada’s cyber litigation team recently obtained an order in favour of an insurer, granting it relief from forfeiture in respect of more than 11 bitcoins from the assets seized from a prolific ransomware gang.[1] This case…
Who gets to decide to pay the ransom in a ransomware attack?
The onslaught of ransomware attacks since the pandemic began has not slowed. Organizations have been faced with the task of continuously reviewing their cybersecurity programs to ensure they are following best practices to protect against ransomware groups. But organizations also…
US HHS OCR issues cyber extortion newsletter
This week, the US Department of Health and Human Services HHS Office for Civil Rights published a January 2018 newsletter focusing on cyber extortion.…
“But the emails” – companies’ SEC filings reflect ransomware risks
The Equifax breach will likely devour the entire breach news cycle in the near term, given the size of the incident and that it gets to the essence of the company’s business of maintaining some of the most sensitive consumer…
New Global Cyberattack Affects Businesses, Government, and Infrastructure
A new strain of malware began infecting computer systems across the globe on Tuesday. Similar to the WannaCry ransomware that struck last month, the malware used in this week’s attack spreads quickly across multiple computers on a network, encrypting files and displaying a ransom note that requests $300 worth of bitcoin for a decryption key.
Reports of infection began in Ukraine, where computer systems belonging to government ministries, financial institutions, transportation systems, and major energy companies began malfunctioning. The attack was first believed to be caused by a variant of the “Petya” strain of ransomware, however recent reports from security experts indicate that the malware used during this week’s attack was altered so that, even with a decryption key, encrypted files cannot be recovered. This fact has lead several sources to dub the malware “ExPetr” and speculate that the attacker’s motivations were destructive instead of financial.
WannaCry Ransomware Attack Summary
In this post, we summarize key facts regarding the WannaCry ransomware attack, provide an abbreviated list of known affected companies, and offer an overview of the legal issues and the response to the attack. This post is an update to our prior coverage of WannaCry.
Large Ransomware Attack Affects Companies in Over 70 Countries
A large-scale ransomware attack began impacting companies and hospitals across the United States, Europe, and Asia early Friday morning. According to reports, companies in more than 70 countries have reported incidents as of Friday afternoon.
The attacks are being…
FTC Enforcement Possible for Failing to Guard Against Ransomware
Recent comments by FTC Chairwoman Edith Ramirez suggest that a company’s failure to take preventative measures to address ransomware could result in an enforcement action by the FTC, even if a company is never actually subject to a ransomware attack. The Chairwoman’s comments reflect a growing concern among US government agencies regarding ransomware and may foreshadow additional FTC action, building upon a developing trend of US regulators engaging in pre-breach enforcement action.
Your Money or Your PHI: New Guidance on Ransomware
On June 12, 2016, the HHS Office of Civil Rights (OCR) released guidance, entitled “FACT SHEET: Ransomware and HIPAA,” in response to the rising number of ransomware attacks perpetrated against healthcare entities. The guidance addresses Health Insurance Portability and Accountability Act (HIPAA) issues that may arise when medical records containing Protected Health Information (PHI) are compromised or stolen during a ransomware attack. OCR’s view is that compliance with HIPAA’s information security requirements assists healthcare entities in preventing and recovering from ransomware attacks.