October is Cybersecurity Awareness Month! In this GT Bulletin, Shareholders Jena Valdetero and Kevin Scott highlight five key trends that should be top-of-mind for businesses and organizations to protect their data systems and remain in compliance with the various rules to which they are subject. Click here to watch the full GT Bulletin.
In this article, we discuss today’s most prevalent types of ransomware attacks, considerations for whether to make the ransom payment, the Financial Crimes Enforcement Network (FinCEN) and Treasury’s Office of Foreign Asset Control’s (OFAC) ransomware guidance, and the U.S. government’s efforts in connection with these attacks.
Russia’s attack on Ukraine has resulted in historic and escalating U.S. sanctions, impacting companies who do business with Russia or Russian-affiliates and creating risks even for companies who do not. Since 2020, the number and sophistication of ransomware attacks has spiked, largely perpetuated by organized criminal groups in Russia and Eastern Europe. In light of
On Feb. 25, 2022, one of the top 10 ransomware threat actor groups, Conti, issued a statement announcing its “full support” of the Russian government and threatening “to use all our possible resources to strike back at critical infrastructures of an enemy” who “organize[s] a cyberattack or any war activities” against Russia. Conti followed up
A ransomware attack on a major U.S. gas pipeline sharpened people’s concerns about cybercrime in 2021, while the Biden administration balanced working with the private sector and threatening penalties for keeping breaches secret. GT Shareholder Jena M. Valdetero was mentioned in this article on cybersecurity steps the Biden administration has taken, published by Law360 Dec.
December 2021 has brought with it holiday cheer and an uptick in distributed denial of service attacks (DDOS) attacks. DDOS attacks are fast becoming a new tool in the extortionist threat actor’s toolkit. DDOS attacks are attractive because they don’t require attackers to actually hack into a company’s systems. Instead, a DDOS attack targets a
On May 6, 2021, Colonial Pipeline was attacked by ransomware suspected to have originated in Eastern Europe or Russia, allowing cyber criminals to penetrate a major utility with significant impact on the entire US eastern seaboard’s economy. From the perspective of vulnerability, the Colonial Pipeline attack was a significant wake-up call–a Pearl Harbor moment for
On May 12, 2021, President Biden issued an executive order entitled Improving the Nation’s Cybersecurity (EO). The EO was released only days after the cyberattack impacting Colonial Pipeline, and several months following discovery of the penetration of various federal agencies as a result of the Solar Winds cyber breach by Russian hackers in 2019. The
Shareholder Jena M. Valdetero is quoted in a Law360 article titled “COVID Inflamed Damaging Year For Data Breach Victims.” Click here to access the Law360 article (subscription required).