Now Available!
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedInBeyond Colonial Pipeline, Ransomware Cyberattacks Are a Growing Threat – WSJ
The cyberattack that knocked offline an essential U.S. gasoline pipeline shows how the dangerous, professional-scale hack-for-ransom threat is spreading rapidly, targeting companies, schools, hospitals and other institutions. While ransomware has been a challenge for small businesses for years, a confluence of factors have emboldened attackers in the past year, culminating in the shutdown Friday of […]
U.S. Pipeline Shutdown Exposes Cyber Threat to Energy Sector – WSJ
The ransomware attack that forced the closure of the largest U.S. fuel pipeline this weekend showed how cybercriminals pose a far-reaching threat to the aging, vulnerable infrastructure that keeps the nation’s energy moving. Colonial Pipeline Co. closed its entire 5,500-mile conduit carrying gasoline and other fuels from the Gulf Coast to the New York metro […]
RTF Report: Combatting Ransomware
Ransomware is no longer just a financial crime; it is an urgent national security risk that threatens schools, hospitals, businesses, and governments across the globe. This is not a problem that any one entity can solve. Over 60 experts from industry, government, law enforcement, civil society, and international organizations worked together to produce this comprehensive […]
The Case For and Against Criminalizing Ransomware – Infosecurity Magazine
Earlier this year, the former CEO of the UK National Cyber Security Centre (NCSC), Ciaran Martin, spoke on the ransomware issue, arguing that it is being fuelled because there is no legal barrier to ransomware victims paying and then claiming back the expense on insurance. He argues that this means victims are incentivized to pay […]
Incident response pros seek to prove due diligence after OFAC advisory
Being coerced into paying a large ransomware demand is bad enough. Having to pay a large civil penalty on top of that for transacting with a federally sanctioned cybercriminal group is even worse. Looking to avoid such fines, incident response (IR) experts are advocating for improvements to ransomware response protocols, including additional oversight and demonstrable […]
Cybersecurity Docket Announces ‘Incident Response 40’ for 2021
Announcing Cybersecurity Docket’s Incident Response 40 for 2021!
University of California victim of nationwide hack attack
The University of California is warning its students and staff that a ransomware group might have stolen and published their personal data and that of hundreds of other schools, government agencies and companies nationwide. A cybersecurity attack targeted a vulnerability in Accellion, a third-party vendor that is used to securely transfer files, the university said […]
BitPay Agrees to Pay $507,375 to Settle OFAC Sanctions Violations – Corruption, Crime & Compliance
The Treasury Department’s Office of Foreign Asset Control continues to focus enforcement activities on digital currency companies. This focus is likely to increase given recent comments by Janet Yellen, the head of the Treasury department, criticizing digital currencies and the utility of this rapidly growing new technology. Last year, OFAC announced an enforcement action against […]
Acer hacked by ransomware gang demanding $50m ransom | TechRadar
The notorious REvil ransomware gang has reportedly attacked Taiwanese PC vendor Acer, demanding a $50 million ransom of cryptocurrency Monero to decrypt its computers. Working with a malware intelligence analyst from Malwarebytes, cyber-intelligence news site The Record, was able to track down a portal operated by the REvil gang that clearly spells the ransom, which […]
March 25 Webcast: Navigating Federal Cybersecurity Issues in High Risk Times
Please join Luke Tenery, Scott Boylan and Evan Wolff of this free webcast.
New Cybersecurity Program Prepares Professionals with Legal Knowledge: LAist
The University of Southern California’s (USC) Gould School of Law’s online Master of Studies in Law (MSL) program is tailored for professionals in a range of industries who are not attorneys, but who want to expand their expertise with essential legal skills and education. There are courses that span legalities of entertainment, health care, human […]
Digital Payment Service Provider Settles with OFAC for Apparent U.S. Sanctions Violations Associated with Digital Currency Transactions | Baker Botts
The BitPay settlement shows that OFAC expects that companies providing digital currency services understand the sanctions risks associated with their activities and take steps necessary to mitigate those risks. In other words, the OFAC compliance obligations for digital payment service providers, such as BitPay, are no different than those of any other financial service provider. […]
Hacker Claims to Have Stolen Files Belonging to Prominent Law Firm Jones Day – WSJ
“We have over 100 gigabytes of data,” the hacker wrote in response to an email from the Journal. The hacker, in the Journal’s correspondence, said it first reached out to Jones Day management on Feb. 3 and informed the firm that its network had been hacked and that data had been stolen. As of Tuesday, […]
Seeking Nominations for Cybersecurity Docket’s ‘Incident Response 30′ for 2021
Cybersecurity Docket welcomes your nominations for our ‘IR 30’ for 2021 — the 30 best Incident Response legal and compliance professionals in the industry.
A Ransomware OFAC Due Diligence Checklist | LinkedIn
This article suggests that by following the ransomware due diligence checklist set forth below, a ransomware victim who opts to pay the ransom can in the least mitigate the chances of a U.S. civil enforcement action or criminal prosecution, and perhaps even avoid U.S. government scrutiny altogether. Source: (26) A Ransomware OFAC Due Diligence Checklist | LinkedIn