ransomware

On April 7, 2022, the U.S. Cybersecurity & Infrastructure Security Agency (“CISA”) announced the publication of its Sharing Cyber Event Information Fact Sheet (“Fact Sheet”) intended to provide clear guidance to critical infrastructure owners and operators and government partners on voluntary information sharing about “unusual cyber incidents or activity.”  In its announcement, CISA explained that it will use the information provided to fill “critical information gaps,” deploy resources, analyze trends, issue warnings, and “build a common understanding of how adversaries are targeting U.S. networks and critical infrastructure sectors.”

CISA’s announcement of the Fact Sheet encourages entities to visit its Shields Up website for more information; the Shields Up website was recently updated with guidance in response to the heightened risk of Russian cyber attacks.  The Shields Up website recommends that “all organizations—regardless of size—adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets” and provides detailed guidance that entities can use to protect themselves.
Continue Reading CISA Issues Voluntary Information Sharing Guidance for Critical Infrastructure Owners and Operators and Provides Resources for All

On September 30, 2020, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the Multi-State Information Sharing and Analysis Center (“MS-ISAC”) released a joint guide synthesizing best practices to prevent and respond to ransomware.  This guide was published the day before OFAC and FinCEN released their coordinated guidance on ransomware attacks that we previously summarized here.

Ransomware is malware that encrypts data on a victim’s device, thus rendering the data inaccessible, until a ransom is paid in exchange for decryption.  Both the nature and scope of ransomware incidents have become “more destructive and impactful” in recent years.  In particular, tactics of malicious actors include threatening to release stolen data or publicly naming victims as part of the extortion.  Accordingly, the guide encourages organizations to take proactive efforts to manage risks posed by ransomware and recommends a coordinated response to mitigate its impact.
Continue Reading CISA and MS-ISAC Release Joint Guide on Ransomware

Consistent with the U.S. Department of the Treasury’s ongoing focus on cyber-enabled financial crime, on October 1, 2020, two components of the Treasury Department’s Office of Terrorism and Financial Intelligence issued guidance on ransomware-related payments.  One, an advisory issued by the Office of Foreign Assets Control (“OFAC”), describes the significant U.S. sanctions risks of facilitating ransomware payments, and expresses a strong policy preference against doing so.  The second, an advisory issued by the Financial Crimes Enforcement Network (“FinCEN”), alerts financial institutions to trends and indicators of ransomware-related money laundering.  Both underscore the difficult decisions faced by ransomware victims and third parties who assist them as they seek to navigate the loss of access to key data on the one hand, and increasingly significant regulatory risks that making a ransomware payment could entail on the other.
Continue Reading Coordinated OFAC and FinCEN Guidance on Ransomware Attacks Underscores the Regulatory Risk and Complexity of Paying a Ransom

The FTC has become the most recent regulator to take a closer look at ransomware and its impact on consumers. During the FTC’s September 7, 2016, Fall Technology Series on Ransomware, Chairwoman Edith Ramirez announced that the FTC will soon release guidance to businesses on how to protect against ransomware.

Ransomware is a malicious software