Tag Archives: Ransomware

NYDFS Proposed Amendments to Its Cybersecurity Rules

Photo of Patrick H. HaggertyPhoto of Elise ElamBy Patrick H. Haggerty and Elise Elam on Posted in Cybersecurity
On July 29, the New York Department of Financial Services (NYDFS) released Draft Amendments to its Part 500 Cybersecurity Rules that include a number of significant amendments to the rules, including notification requirements such as a mandatory 24-hour notification for cyber ransom payments, specific requirements for newly defined larger entities, increased expectations for oversight of … Continue Reading

Florida Follows North Carolina in Prohibiting State Agencies from Paying Ransoms

Photo of Elise ElamPhoto of Benjamin WangerBy Elise Elam and Benjamin Wanger on Posted in Cybersecurity, Ransomware
We recently wrote about North Carolina’s new law prohibiting state agencies – including public schools and universities – from paying a ransom or even communicating with a threat actor following a ransomware incident. On June 24, Florida followed suit when its governor signed HB 7055 into law, amending portions of the State Cybersecurity Act (the … Continue Reading

DSIR Deeper Dive into the Data: Ransomware Front and Center

Photo of Joseph L. BruemmerPhoto of Elise ElamBy Joseph L. Bruemmer and Elise Elam on Posted in Ransomware
There is no question that ransomware is here to stay. Thirty-seven percent of the matters we handled last year involved ransomware, compared to 27 percent of matters in 2020. In 2019, there were approximately 15 active ransomware threat actor groups. In 2021, we handled matters involving more than 80 different ransomware variants. Government entities and … Continue Reading

North Carolina is the First State to Prohibit Public Entities from Paying Ransoms: What Does This Mean for North Carolina Public Schools and Universities?

Photo of Elise ElamPhoto of Benjamin WangerBy Elise Elam and Benjamin Wanger on Posted in Data Counsel
On April 5th, North Carolina became the first state to prohibit state agencies and local governments from paying ransoms after becoming victims of a ransomware attack. Indeed, in addition to prohibiting said entities from paying ransoms, North Carolina’s new law actually goes so far as to prohibit a public entity from even communicating with threat … Continue Reading

It’s Elementary: Measures that Educational Institutions Should Take to Prepare for Ransomware Attacks: Part 3

Photo of Benjamin WangerPhoto of Allison ClarkBy Benjamin Wanger and Allison Clark on Posted in Ransomware
PART 1 PART 2 PART 3 In the event of a ransomware attack, there are a host of legal frameworks that could potentially be implicated.  Whether those laws apply often depends on the nature of the data that the threat actor accessed and/or acquired.  In this installment, we address the laws that could be implicated … Continue Reading

It’s Elementary: Measures that Educational Institutions Should Take to Prepare for Ransomware Attacks: Part 2

Photo of Benjamin WangerPhoto of Allison ClarkBy Benjamin Wanger and Allison Clark on Posted in Ransomware
PART 2 The best way to ensure that an educational institution can respond quickly and effectively to a ransomware attack and minimize any chaos and confusion that accompanies such incidents is to have an incident response plan in place to outline the procedures to be followed after ransomware has been detected.  In this posting, we … Continue Reading

Impact of the Ukraine/Russia Conflict on Cybersecurity in the United States

Photo of M. Scott KollerBy M. Scott Koller on Posted in Data Security
On Feb. 24, 2022, Russia launched a large-scale military incursion into Ukraine. By all accounts, the Russian offensive attacked on multiple fronts, including against Ukraine’s network computers and communication systems. The cyberattacks began before the first tank crossed the border, with Ukrainian networks subjected to multiple targeted attacks involving hacking, distributed denials of service and … Continue Reading

The Brave New World of Cybersecurity Compliance—Key Takeaways from Recent Government Action on Cybersecurity

Photo of Andreas KaltsounisPhoto of Seungjae LeeBy Andreas Kaltsounis and Seungjae Lee on Posted in Cybersecurity
After a series of high-profile supply chain and ransomware attacks, the federal government is ramping up its effort to improve the nation’s cybersecurity. In the past several months, multiple federal departments and agencies announced new policy initiatives and regulatory directives to drive their cybersecurity agenda forward, and state regulators are following the trend. It is … Continue Reading

The Scourge of Ransomware

Photo of Craig A. HoffmanPhoto of Elise ElamBy Craig A. Hoffman and Elise Elam on Posted in Data Security Incident Response
Our 2021 Data Security Incident Response Report (DSIR) described ransomware as a scourge. There are stories every day about new threat actor groups and their victims. There are task forces, law enforcement initiatives, discussions by legislators about laws to help address the problem, and real-world impact from operational disruption (such as panic-buying of gas). Most … Continue Reading

CISA Updates Advisory on Large-Scale Impending and Credible Ransomware Threat to Healthcare to Include Additional IOCs

Photo of Aleksandra VoldPhoto of Sara GoldsteinBy Aleksandra Vold and Sara Goldstein on Posted in Healthcare, HHS
On Oct. 28, a joint cybersecurity advisory was published by the Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the Department of Health & Human Services. The advisory warned of an imminent cybercrime threat to U.S. hospitals and healthcare providers – specifically that a large-scale ransomware attack may be on the very near horizon. BakerHostetler’s coverage … Continue Reading

Warning of Cybersecurity Threat to Healthcare Sector – Imminent Threat of Ransomware

Photo of Eric A. PackelBy Eric A. Packel on Posted in Healthcare
BakerHostetler is closely monitoring a Cybersecurity Advisory issued jointly by several government agencies including the United States Department of Health and Human Services (HHS) and the FBI, on October 28. The Advisory warns of an imminent cybercrime threat to U.S. hospitals and healthcare providers with the purpose of infecting systems with Ryuk ransomware for financial … Continue Reading

DSIR Deeper Dive: The Ransomware Epidemic

Photo of Anthony P. ValachBy David Kitchen and Anthony P. Valach on Posted in Data Security Incident Response
Ransomware is among the most common and persistent threats faced by organizations of all sizes. In 2019, the ransomware threat landscape worsened in several significant ways: (1) average demands increased more than tenfold; (2) all industry segments saw increases in attack frequency, with stark increases seen by education and government entities; and (3) several threat … Continue Reading

Threat Actors are Finding New Ways to Commoditize Data

Photo of David PotterPhoto of Anthony P. ValachBy David Potter and Anthony P. Valach on Posted in Cybersecurity
While all businesses continue to adjust to the remote work environment, it’s business as usual for cybercriminals. Although there are reports of phishing schemes tied to the COVID-19 pandemic, we are not really seeing different types of incidents or new tactics from the threat actors. Incident volume has increased slightly, but we are not seeing … Continue Reading

Healthcare Providers Remain Targets for Ransomware Attacks in the Midst of COVID-19 Pandemic

Photo of Benjamin WangerPhoto of Sara GoldsteinBy Benjamin Wanger and Sara Goldstein on Posted in Ransomware
Although it was widely reported that several ransomware threat actor groups have pledged to not target healthcare providers until the COVID-19 pandemic is over, BakerHostetler’s Digital Assets and Data Management Practice Group and Healthcare Privacy and Compliance team continue to see ransomware attacks launched against healthcare providers. In order to combat the COVID-19 pandemic, healthcare … Continue Reading

Best Cybersecurity Practices for Healthcare Organizations – Ransomware Prevention

Photo of Aleksandra VoldPhoto of Kathryn CareyBy Aleksandra Vold and Kathryn Carey on Posted in HHS, HIPAA/HITECH, Phishing, Ransomware
This article is part of a series of blog posts exploring the recommendations and guidance Health & Human Services (HHS) provides to healthcare organizations in its “Cybersecurity Best Practices” report. For previous articles in the series, click here. The report on cybersecurity best practices (Report) is not the first time HHS has discussed the prevalent … Continue Reading

Recent OCR Newsletter Highlights Growing Cyber Extortion Threat for Healthcare Organizations

Photo of Lynn SessionsPhoto of Kathryn CareyBy Lynn Sessions and Kathryn Carey on Posted in Cybersecurity
The OCR’s January 2018 newsletter details specific types of cyber extortion that healthcare organizations are currently encountering, including ransomware, denial of service attacks, distributed denial of service attacks and theft of protected health information (PHI). Each type of attack poses unique challenges that may affect an organization in different ways. However, all cyber extortion disrupts … Continue Reading

Ways to Prevent & Prepare for Ransomware Attacks

Photo of BakerHostetlerBy BakerHostetler on Posted in Ransomware
Ransomware was involved in 10 percent of the 450 breaches handled by our Privacy and Data Protection team in 2016. This week’s news about a global ransomware attack is another example that this trend is on the rise. Companies, governments and organizations around the world are grappling with what steps they should take to minimize … Continue Reading

Deeper Dive: Ransomware – WannaCry and the Future of Ransomware-as-a-Service

Photo of Melinda L. McLellanPhoto of James A. ShererBy Melinda L. McLellan and James A. Sherer on Posted in Cybersecurity, Data Breaches, Incident Response, Ransomware
In our 2017 BakerHostetler Data Security Incident Response Report, we addressed the increasingly ubiquitous scourge of ransomware, one of the fastest-growing types of malware causing data security incidents. We noted that ransomware attacks have been steadily expanding in both frequency and severity, and that those trends seemed set to continue for the foreseeable future. Less than a … Continue Reading

Deeper Dive: Forensics

Photo of Patrick H. HaggertyBy Patrick H. Haggerty on Posted in Cybersecurity
A company’s ability to quickly and efficiently conduct a forensic investigation is critical to limiting the impacts of a data security incident and determining the scope of the incident. In BakerHostetler’s 2017 Data Security Incident Response Report, we analyzed data from the more than 450 incidents we worked on in 2016. A forensic investigation occurred … Continue Reading

Deeper Dive: Incorporating Incident Response Into Disaster Recovery Plans

Photo of M. Scott KollerBy M. Scott Koller on Posted in Cybersecurity, Ransomware
Incident response and disaster recovery are both essential components of a comprehensive written information security program. However, too often these plans are implemented in a vacuum, without considering the potential synergies and improvements that can be gained when such plans are developed, deployed and tested together. Incident response and disaster recovery tend to have the … Continue Reading

Crowdsourcing Cybersecurity in 2017

Photo of Craig A. HoffmanBy Craig A. Hoffman and Erich Falke on Posted in Cybersecurity, Ransomware
BakerHostetler began publishing its Data Security Incident Response Report in 2015. Although we were the first law firm to do so, inspiration for the report came from similar reports that cybersecurity firms issue. We will be publishing our 2017 Report on April 13, 2017, containing statistics and insights from the 450+ incidents we led clients … Continue Reading
LexBlog