On October 28, 2020, a joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS). This advisory describes the tactics, techniques, and procedures used by cybercriminals against targets in the healthcare and public health sectors to infect their systems with Ryuk ransomware for financial gain.
CISA,… More
On October 6, 2020, the Department of Homeland Security (“DHS”) released a 2020 Homeland Threat Assessment (“HTA”). According to Acting Secretary Chad F. Wolf, the “first of its kind report” identifies the primary threats facing the nation and analyzes the vast array of information coming from all DHS operational components that crosses his desk on a daily basis. “When the American people read this HTA they will be more aware of the traditional threats facing the Homeland like terrorism and organized crime. … More
On October 1, 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) released an advisory regarding potential sanctions risks related to facilitating ransomware payments, as covered in this post from Foley Hoag’s Security, Privacy, and the Law blog.
OFAC is the federal agency responsible for implementing and enforcing U.S. sanctions against individuals, entities, and foreign governments involved in terrorism,… More
As founding counsel and a continuing member of the Advanced Cybersecurity Center, Foley Hoag is pleased to invite you to join us in these two programs, part of the ACSC’s 10th annual conference.
Foley Hoag partner Colin Zick weighs in on large health systems putting substantial resources into IT. “It’s not being ignored, but it’s a tough problem. Ransomware is turning into a big business.”
Click here to read the full Fierce Healthcare article. More
On October 1, 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory to alert companies that might pay ransomware attackers of the potential sanctions risks for facilitating ransomware payments. In particular, the alert targeted “financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response….” While this is an advisory and does not have the force of law,… More