Archives: Ransomware

For Educational Institutions, Post-Ransomware Harassment Requires A+ Messaging

By Benjamin Wanger and Pierce T. Cox on February 3, 2023 Posted in Ransomware

Privacy protection. Collage with personal info of African American man holding mobile phone.

Educational institutions have not been excluded from the ransomware epidemic, and stakeholder communications are critical to an effective response. In a typical double-extortion ransomware attack, threat actors demand that victims pay a ransom to decrypt systems and to prevent publication of stolen data. However, with a decline in the number of victims choosing to pay … Continue Reading

Florida Follows North Carolina in Prohibiting State Agencies from Paying Ransoms

By Elise Elam and Benjamin Wanger on July 19, 2022 Posted in Cybersecurity, Ransomware

We recently wrote about North Carolina’s new law prohibiting state agencies – including public schools and universities – from paying a ransom or even communicating with a threat actor following a ransomware incident. On June 24, Florida followed suit when its governor signed HB 7055 into law, amending portions of the State Cybersecurity Act (the … Continue Reading

DSIR Deeper Dive into the Data: Ransomware Front and Center

By Joseph L. Bruemmer and Elise Elam on June 16, 2022 Posted in Ransomware

There is no question that ransomware is here to stay. Thirty-seven percent of the matters we handled last year involved ransomware, compared to 27 percent of matters in 2020. In 2019, there were approximately 15 active ransomware threat actor groups. In 2021, we handled matters involving more than 80 different ransomware variants. Government entities and … Continue Reading

It’s Elementary: Measures that Educational Institutions Should Take to Prepare for Ransomware Attacks: Part 3

By Benjamin Wanger and Allison Clark on April 19, 2022 Posted in Ransomware

PART 1 PART 2 PART 3 In the event of a ransomware attack, there are a host of legal frameworks that could potentially be implicated. Whether those laws apply often depends on the nature of the data that the threat actor accessed and/or acquired. In this installment, we address the laws that could be implicated … Continue Reading

It’s Elementary: Measures that Educational Institutions Should Take to Prepare for Ransomware Attacks: Part 2

By Benjamin Wanger and Allison Clark on March 21, 2022 Posted in Ransomware

PART 2 The best way to ensure that an educational institution can respond quickly and effectively to a ransomware attack and minimize any chaos and confusion that accompanies such incidents is to have an incident response plan in place to outline the procedures to be followed after ransomware has been detected. In this posting, we … Continue Reading

It’s Elementary: Measures that Educational Institutions Should Take to Prepare for Ransomware Attacks: Part 1

By Benjamin Wanger and Allison Clark on February 28, 2022 Posted in Ransomware

PART 1 The ransomware epidemic has affected and continues to affect all industries, including healthcare, manufacturing and finance. Since 2020, however, the education industry has been targeted as much as or more than any other sector. Indeed, approximately 23 percent of the 1,250+ data security incidents that BakerHostetler helped clients manage over the past year … Continue Reading

Ted Kobus Discusses Rise of Ransomware Attacks on “Digital Detectives” Podcast

By Theodore J. Kobus III on November 20, 2020 Posted in Ransomware

Partner Ted Kobus is featured in the Nov. 19, 2020, episode of “Digital Detectives,” a Legal Talk Network podcast. Kobus spoke about the rapid increase in ransomware incidents in 2020 and what law firms should do in the event of an attack. Listen to the podcast or read the transcript.… Continue Reading

Was OFAC’s Advisory an October Surprise or More of the Same?

By Theodore J. Kobus III, Lee Casey and Barbara Linney on October 3, 2020 Posted in Ransomware

Ransomware has hit pandemic proportions and there does not seem to be a clear end in sight. On October 1, 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory regarding ransom payments and the risk of sanctions violations associated with such payments. Background Ransomware has been around for … Continue Reading

Healthcare Providers Remain Targets for Ransomware Attacks in the Midst of COVID-19 Pandemic

By Benjamin Wanger and Sara Goldstein on April 1, 2020 Posted in Ransomware

Although it was widely reported that several ransomware threat actor groups have pledged to not target healthcare providers until the COVID-19 pandemic is over, BakerHostetler’s Digital Assets and Data Management Practice Group and Healthcare Privacy and Compliance team continue to see ransomware attacks launched against healthcare providers. In order to combat the COVID-19 pandemic, healthcare … Continue Reading

Surviving the Pandemic: Yes, You May Have to Pay a Ransom

By Eric A. Packel on March 5, 2020 Posted in Ransomware

We are in the midst of a global pandemic. This scourge is easily transmitted, and infections are difficult to eradicate. It learns from our defenses and then mutates into new variants. It comes in various forms, with exotic names such as Sodinokibi, GandCrab and Ryuk. Sometimes its effects are mild, but in many cases it … Continue Reading

Best Cybersecurity Practices for Healthcare Organizations – Ransomware Prevention

By Aleksandra Vold and Kathryn Carey on February 8, 2019 Posted in HHS, HIPAA/HITECH, Phishing, Ransomware

This article is part of a series of blog posts exploring the recommendations and guidance Health & Human Services (HHS) provides to healthcare organizations in its “Cybersecurity Best Practices” report. For previous articles in the series, click here. The report on cybersecurity best practices (Report) is not the first time HHS has discussed the prevalent … Continue Reading

Ways to Prevent & Prepare for Ransomware Attacks

By BakerHostetler on June 30, 2017 Posted in Ransomware

Ransomware was involved in 10 percent of the 450 breaches handled by our Privacy and Data Protection team in 2016. This week’s news about a global ransomware attack is another example that this trend is on the rise. Companies, governments and organizations around the world are grappling with what steps they should take to minimize … Continue Reading

Deeper Dive: Ransomware – WannaCry and the Future of Ransomware-as-a-Service

By Melinda L. McLellan and James A. Sherer on May 22, 2017 Posted in Cybersecurity, Data Breaches, Incident Response, Ransomware

In our 2017 BakerHostetler Data Security Incident Response Report, we addressed the increasingly ubiquitous scourge of ransomware, one of the fastest-growing types of malware causing data security incidents. We noted that ransomware attacks have been steadily expanding in both frequency and severity, and that those trends seemed set to continue for the foreseeable future. Less than a … Continue Reading

No More Tears: A Few Recommended Steps in Response to WannaCry Ransomware

By Erich Falke on May 13, 2017 Posted in Ransomware

On May 12, 2017, thousands of companies across the globe saw the first signs of a prolific malware outbreak. The malware, a ransomware variant labeled WannaCry, is capable of encrypting files on a device and moving laterally to encrypt files on associated file shares. On average, the ransom amount that is demanded is the equivalent … Continue Reading

Deeper Dive: Incorporating Incident Response Into Disaster Recovery Plans

By M. Scott Koller on May 8, 2017 Posted in Cybersecurity, Ransomware

Incident response and disaster recovery are both essential components of a comprehensive written information security program. However, too often these plans are implemented in a vacuum, without considering the potential synergies and improvements that can be gained when such plans are developed, deployed and tested together. Incident response and disaster recovery tend to have the … Continue Reading

Be Compromise Ready: Go Back to the Basics

By Theodore J. Kobus III and Craig A. Hoffman on April 13, 2017 Posted in Cybersecurity, Mobile Privacy, Online Privacy, Ransomware

We are excited to release our third annual BakerHostetler Data Security Incident Response Report. This report analyzes the more than 450 data security incidents we led clients through in 2016. Companies continued to experience incidents at a record pace, and we expect this will continue through 2017. We have received more calls to our breach … Continue Reading

Crowdsourcing Cybersecurity in 2017

By Craig A. Hoffman and Erich Falke on April 11, 2017 Posted in Cybersecurity, Ransomware

BakerHostetler began publishing its Data Security Incident Response Report in 2015. Although we were the first law firm to do so, inspiration for the report came from similar reports that cybersecurity firms issue. We will be publishing our 2017 Report on April 13, 2017, containing statistics and insights from the 450+ incidents we led clients … Continue Reading

Data Breach Trends — 2016: the Year of Ransomware

By M. Scott Koller on January 3, 2017 Posted in Ransomware

Over the past year, the BakerHostetler Incident Response team has closely monitored data breach trends, and we are confident in concluding that 2016 was the year of ransomware. Nothing has had a greater impact or has been as widespread in 2016 than ransomware. From a hospital in California to a police department in Massachusetts, ransomware … Continue Reading