Tag Archives: malware

OFAC Doubles Down on Malware Cyber Actors

Photo of Barbara LinneyPhoto of Orga CadetBy Barbara Linney and Orga Cadet on Posted in Malware
The Office of Foreign Assets Control (OFACas added another cyber actor to the SDN list.  As a result, U.S. persons are prohibited from engaging in any dealings with the State Research Center of the Russian Federation FGUP Central Scientific Research Institute of Chemistry and Mechanics (TsNIIKhM), a Russian government research institution that is said to … Continue Reading

Trojan Malware Reclaims the Top Spot as the Greatest Cyber Threat to the Healthcare Sector

Photo of BakerHostetlerBy BakerHostetler on Posted in Cybersecurity, HIPAA/HITECH
Cybersecurity threats continued to plague the healthcare sector in 2018. Healthcare organizations notified twice as many individuals under HIPAA and other notification statutes in 2018 as compared with 2017. According to a new report from Malwarebytes Labs, 2019 State of Malware Report, trojan malware was the greatest threat to the healthcare sector in 2018.[1] Specifically, … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster on Posted in Weekly Privacy Rewind
BIPA Medline and Con Tech Lighting Latest Illinois Employers Hit With Claims under BIPA • Two Illinois employers, Con Tech Lighting and Medline Industries, are the latest to face claims alleging violations of Illinois’ Biometric Information Privacy Act. • In the Con Tech complaint, the named plaintiff, who is seeking class certification, alleges that she … Continue Reading

Deeper Dive: Phishing/Hacking/Malware Attacks Remain Leading Cause of Security Incidents

By Lavonne Hopkins on Posted in Cybersecurity
During 2016, our BakerHostetler privacy and data protection team worked on data security incidents across virtually all industries. For the second year in a row, phishing/hacking/malware attacks have accounted for the largest percentage of incidents handled by our team. Specifically, security incidents arising from phishing/hacking/malware made up 43 percent of all security incidents we handled … Continue Reading

Deeper Dive: Human Error Is to Blame for Most Breaches

By Will R. Daugherty on Posted in Cybersecurity, Incident Response, Online Privacy
Each year, as companies implement the latest security technologies, attackers develop and launch new tactics, techniques, and procedures to circumvent those technologies. While investment in security defense and detection technologies is an essential component to building an effective defense-in-depth strategy, the reality is that most breaches can be traced back to human error. In our … Continue Reading

BakerHostetler Data Security Incident Response Report Reveals Being “Compromise Ready” Better Positions Companies to Respond to Incidents

Photo of Theodore J. Kobus IIIBy Theodore J. Kobus III on Posted in Incident Response, News, Online Privacy
On March 30, 2016, we released our second annual Data Security Incident Response Report. Key findings show that phishing/hacking/malware was the cause of 31% of data security incidents during 2015, revealing a shift from 2014 when human error was the leading cause. The report also continues the inaugural-year theme that no industry is immune to … Continue Reading

An Ounce of Prevention Is Better (and Cheaper) Than a Pound of Cure: It’s time for a data protection checkup.

By Alan L. Friel on Posted in Cybersecurity, Incident Response, Information Governance, Online Privacy
We recently released the first BakerHostetler Data Security Incident Response Report, which provides insights generated from the review of more than 200 incidents that our law firm advised on in 2014. The report shows that human error was the number one cause of data security incidents we worked on last year, with employee negligence responsible … Continue Reading

Malware Incident at Mental Health Nonprofit Leads to $150K Settlement with OCR

By Cory J. Fox on Posted in HIPAA/HITECH, Medical Privacy
As cyberattacks targeting the healthcare industry continue to escalate, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) has published its first-ever resolution agreement stemming from an incident involving malware, highlighting the importance of reviewing systems for unpatched and unsupported software that can leave patient information susceptible to malware and other … Continue Reading

Secret Service Raises Warning About Backoff POS Malware

Photo of Craig A. HoffmanBy Craig A. Hoffman on Posted in Information Security, Online Privacy, Retail Industry
The Secret Service, which investigates financial crimes, issued a security Alert on July 31, 2014, warning of malware named “Backoff” that was being used to steal payment card data from point-of-sale (POS) systems.  The Alert notes that the attackers often gain initial network access by stealing or brute-forcing the passwords for remote desktop applications (e.g., … Continue Reading

Visa Loses Motion to Dismiss in Genesco Case – Are the Days for PCI Assessments Numbered?

Photo of Craig A. HoffmanBy Craig A. Hoffman on Posted in Financial Privacy
Co-Authored by: Judy Selby In a highly anticipated decision, a federal court in Tennessee let stand a retailer’s claims against Visa for violation of California’s Unfair Competition Law (UCL) and for common law claims for unjust enrichment and restitution arising out of fines and assessments levied by Visa in the wake of a massive data … Continue Reading

APT Threat Report Shows Cybersecurity Risks Not Limited to Identity Theft

Photo of Craig A. HoffmanBy Craig A. Hoffman on Posted in Cybersecurity
We often talk to companies who believe they are an unlikely target for hackers because they do not have financial account information, Social Security numbers, or medical information.  However, personal information is not the only item hackers are after.  Indeed, the chief of the United States Cyber Command and director of the National Security Agency … Continue Reading

Fake Bin Laden Death Videos Contain Malware That Steals PII

Photo of Gerald J. FergusonBy Gerald J. Ferguson on Posted in Information Security
The weakest link in our defense to computer security attacks can be our natural curiosity.  The U.S. Federal Bureau of Investigation issued a warning for computer users that the latest hacking scam circulating the internet are messages claiming to include photos and videos of Osama bin Laden’s death.  These messages actually contain a virus that … Continue Reading
LexBlog