Kaseya: The Latest High-Profile Ransomware Attack

Share

On July 2, 2021, Kaseya Ltd., a Florida-based firm that provides software tools to thousands of primarily small and mid-sized businesses, became the latest victim of a high-profile ransomware attack. The attack is believed to have affected as many as 1,500 of Kaseya’s customers throughout the world, including at least 200 businesses in the United States. The attackers, who have claimed association with the Russia-linked REvil ransomware gang, have demanded an astronomical $70 million ransom to restore services for affected businesses.

The Kaseya attack was particularly devastating and effective because it was a supply chain attack, meaning it targeted a type of software that many other companies use to manage and distribute software updates. Thus, the attack not only affected Kaseya, but also potentially all of its customers.

Continue reading “Kaseya: The Latest High-Profile Ransomware Attack”

Department of Homeland Security Announces New Cybersecurity Requirements for Pipelines

Share

The Department of Homeland Security (DHS) recently announced a new Security Directive requiring companies in the pipeline sector “to better identify, protect against, and respond to” cyber threats. Among other things, the Security Directive requires pipeline operators to report cyberattacks against their pipelines to DHS. This new requirement replaces the voluntary reporting guidelines that had been in place since 2010.

The new Security Directive is a response to the May 2021 ransomware attack on Colonial Pipeline that shut down much of the oil and gas distribution to the East Coast of the United States for approximately six days. According to various media reports, Colonial Pipeline ultimately elected to pay a Russian ransomware gang that claimed responsibility for the attack over four million dollars to re-open the crippled pipeline.

Continue reading “Department of Homeland Security Announces New Cybersecurity Requirements for Pipelines”

New York Department of Financial Services and National Securities Corporation Agree to $3 Million Settlement in Cybersecurity Enforcement Action

Share

Earlier this month, the New York State Department of Financial Services (NYDFS) announced a settlement and consent order with National Securities Corporation (National Securities) for $3 million in connection with National Securities’ violations of NYDFS’s Cybersecurity Regulation, 23 NYCRR Part 500 (Part 500).

National Securities sells life insurance, accident and health insurance, and variable life/variable annuities insurance. As part of its day-to-day operations, National Securities collects personal data from its customers.

Continue reading “New York Department of Financial Services and National Securities Corporation Agree to $3 Million Settlement in Cybersecurity Enforcement Action”

Multiple Federal Agencies Jointly Warn of Increased and Imminent Cybercrime Threat to U.S. Hospitals and Healthcare Providers

Share

On October 28, 2020, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the Department of Health and Human Services (HHS) issued a Joint Cybersecurity Advisory warning of “an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.” The agencies collectively warned that “malicious cyber actors are targeting the Healthcare and Public Health (HPH) Sector with Trickbot malware, often leading to ransomware attacks, data theft, and the disruption of healthcare services.”

Continue reading “Multiple Federal Agencies Jointly Warn of Increased and Imminent Cybercrime Threat to U.S. Hospitals and Healthcare Providers”

Ransomware Payments May Violate Sanctions Laws, U.S. Treasury Department Warns

Share

Ransomware attacks are on the rise in the wake of COVID-19, but attack victims — and third parties who assist them — could unknowingly be in violation of federal law. A new advisory from the U.S. Department of the Treasury warns that ransom payments to sanctioned individuals or entities may result in significant criminal or civil liability. Companies should closely review the details of this advisory to minimize the risk of violating the U.S. sanctions laws if they are victimized by a ransomware attack.

For the full alert, visit the Faegre Drinker website.

Disruption IV: The New Threat Disruptionware Poses to the American Energy Sector

Share

Over the past few months, I have written about the threat first identified by the Institute for Critical Infrastructure Technology (ICIT) called disruptionware. We have previously described what disruptionware is, how it works, and outlined some of the defenses that can be used to defend against a multitude of disruptionware attacks. Many may have thought the immediate notifications of the threat posed by this new concept of disruptionware had been adequately made public and sufficiently identified. Unfortunately, disruptionware continues to impact new sectors.

According to ICIT, disruptionware is an evolving category of malware designed to “suspend operations within the victim organization through the compromise of the availability, integrity and confidentiality of the data, systems, and networks belonging to the target.” Recently, ICIT identified a new threat from disruptionware that will likely have a seriously adverse effect on the American energy sector. ICIT goes so far as to refer to disruptionware in the context of an attack on the U.S. energy grid as a “weapon of mass destruction.”

Continue reading “Disruption IV: The New Threat Disruptionware Poses to the American Energy Sector”

©2024 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Attorney Advertising.
Privacy Policy