Category Archives: Ransomware

FBI and CISA Issue Advisory on Scattered Spider Ransomware Attacks

Key Takeaways:

  • The Federal Bureau of Investigation (FBI) and Cybersecurity & Infrastructure Security Agency (CISA) have jointly issued a cybersecurity advisory in response to recent activity by the threat actor group known as Scattered Spider.
  • Scattered Spider is known to target large companies holding sensitive data – including financial services, telecommunications, business process outsourcing, hospitality, and cryptocurrency firms – for ransomware attacks.
  • Scattered Spider largely relies upon impersonating IT support professionals and manipulating target company employees into sharing passwords or running malicious executables through remote access software.…
  • More

CISA and Partners Update the #StopRansomware Guide, Developed through the Joint Ransomware Task Force

On May 23, 2023, CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published an updated version of the #StopRansomware Guide, as ransomware actors have accelerated their tactics and techniques since its initial release in 2020. The update incorporates lessons learned from the past two years and includes additional recommended actions,… More

Physical and Cyber-Attacks on Energy Infrastructure Expected to Continue

Over the past several years, the energy sector has become a prime target for hacking and ransomware attacks, with over 40 attacks on the industry since 2017.  Cyber attacks have only continued to rise, with a record high of 13 reported attacks in one year occurring in 2022.

Physical Security Threats to U.S. Energy Infrastructure

A new type of threat against the energy sector crystallized at the end of 2022: physical attacks on the grid. … More

HHS Office for Civil Rights Posts HIPAA Security Rule Security Incident Procedures

Every October, in recognition of National Cybersecurity Awareness Month, the federal government and its partners work to educate stakeholders on cybersecurity awareness and how best to protect the privacy and security of confidential data. Within the health care industry, the HIPAA Security Rule applies to covered entities and their business associates (“regulated entities”) and electronic protected health information (ePHI).  Because ePHI identifies individuals and includes information relating to an individual’s health,… More

Federal Agencies Issue Alert Regarding Maui Ransomware

On July 7, 2022, three federal agencies – the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, and the Department of the Treasury – issued a joint alert regarding Maui Ransomware, which has been linked to ransomware attacks on healthcare and public health entities carried out by North Korean state-sponsored cyber actors.

These are the key recommendations of the alert:

  • Since at least May 2021,…
  • More

CISA on Russia, Ukraine and Ransomware

According to the U.S. Cybersecurity and Infrastructure Security Agency (“CISA“), the potential hostilities between Russia and Ukraine are likely to spill over into cyber warfare.  In this month’s CISA Insights:

Every organization in the United States is at risk from cyber threats that can disrupt essential services and potentially result in impacts to public safety. Over the past year, cyber incidents have impacted many companies,… More

Ransomware Payments – OFAC Updates its Advisory and Congress Gets Involved

Ransomware payments continue to be a focus of the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”). As previously reported by Foley Hoag, on October 1, 2020, OFAC released an advisory regarding potential sanctions risks related to facilitating ransomware payments. Almost a year later, on September 21, 2021, OFAC updated its advisory to provide additional guidance regarding what OFAC considers to be mitigating factors if facilitating a ransomware payment results in an apparent violation of U.S.… More

Ransomware Payments – OFAC Updates its Advisory and Congress Gets Involved

Ransomware payments continue to be a focus of the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”). As previously reported by Foley Hoag, on October 1, 2020, OFAC released an advisory regarding potential sanctions risks related to facilitating ransomware payments. Almost a year later, on September 21, 2021, OFAC updated its advisory to provide additional guidance regarding what OFAC considers to be mitigating factors if facilitating a ransomware payment results in an apparent violation of U.S.… More

Biden Issues Memorandum Aimed at Improving Cybersecurity

On July 28, 2021, President Biden issued a Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems.  The Memo recognizes that the protection of the nation’s critical infrastructure lies not only with government, i.e., at the federal, state, local, tribal, and territorial levels, but with critical infrastructure owners and operators.  In addition, the Memo states that cybersecurity threats to critical infrastructure, and the systems that control and operate it,… More

Kaseya VSA Cyberattack: What Kaseya and the Feds Are Saying

If you aren’t following the ransomware attack on Kaseya’s VSA product and approximately 800-1500 of its users, you should be.  Like many cyberattacks, this one came on the verge of a holiday weekend.  As the company itself notes, “Kaseya’s VSA product has unfortunately been the victim of a sophisticated cyberattack.   Due to our teams’ fast response, we believe that this has been localized to a very small number of on-premises customers only. … More

Cybersecurity 2021 – The Year in Preview: Ransomware, the Latest Threat to the Nation’s Energy Supply

Editors’ Note:  This is the first in our fifth-annual end-of-year series examining important trends in data privacy and cybersecurity in the coming year.  

The Growing Threat of Ransomware

According to media reports, ransomware attacks against the manufacturing industry have more than tripled compared with last year. This dramatic rise in cyberattacks poses serious concerns about the vulnerability of critical energy infrastructure serving the nation’s electric grid,… More

CISA Issues Ransomware Alert for Activity Targeting the Healthcare and Public Health Sectors

On October 28, 2020, a joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS). This advisory describes the tactics, techniques, and procedures used by cybercriminals against targets in the healthcare and public health sectors to infect their systems with Ryuk ransomware for financial gain.

CISA,… More

Is Paying Ransomware Grounds for OFAC Sanctions? OFAC Says “Maybe”….

On October 1, 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory to alert companies that might pay ransomware attackers of the potential sanctions risks for facilitating ransomware payments.  In particular, the alert targeted “financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response….”  While this is an advisory and does not have the force of law,… More

Cybersecurity 2018 – The Year in Preview: Emerging Security Threats

Editors’ Note:  This is the second of a multi-part end-of-year series examining important trends in data privacy and cybersecurity during the coming year. Click here for our previous entry on HIPAA Compliance.  Up next:  trends in federal enforcement.

After one of Britain’s first victories in the Second World War, Winston Churchill declared that it was “perhaps, the end of the beginning” – a turning point in the war. … More

Watch: Privacy and Data Security for the Generalist In-House Counsel

Privacy and data security have rocketed to the top of the list of concerns for all corporate boards. Whether you are a technology company, a biotech, or a traditional widget maker, your company has confidential information about its products, customers and employees. And that information has to be protected as a matter of law, both by statute and under contracts with your customers and suppliers.

As in-house counsel,… More

Webinar on September 13: Privacy and Data Security for the Generalist In-House Counsel

Privacy and data security have rocketed to the top of the list of concerns for all corporate boards. Whether you are a technology company, a biotech, or a traditional widget maker, your company has confidential information about its products, customers and employees. And that information has to be protected as a matter of law, both by statute and under contracts with your customers and suppliers.… More

Deja Vu All Over Again: Massive Ransomware Attack Underway

A mere month and a half after the WannaCry strain of ransomware caused major havoc in European and Asian countries, another major ransomware attack hit large institutions across Europe and the United States yesterday.  ‎Hardest hit has been Ukraine, which has seen major attacks on its government, banks, and power infrastructure.  Other European firms such as Germany’s Deutsche Bahn railways and Danish shipping firm A.P.… More