Ransomware

This article appeared in Cybersecurity Law & Strategy, an ALM publication for privacy and security professionals, Chief Information Security Officers, Chief Information Officers, Chief Technology Officers, Corporate Counsel, Internet and Tech Practitioners, In-House Counsel. Visit the website to learn more.

During the past few months, there has been a significant paradigm shift in the cybersecurity world. Threat actors from Russia, in particular, have significantly enhanced their capabilities to target individual businesses and managed service providers (MSPs) or IT companies. As of late December, hacking groups such as Sodinokibi (aka "Evil Corp") and Ryuk have been impacting thousands of businesses across the United States in a multitude of ways. It is critical that lawyers, their firms and the companies they serve be aware of these threats and take the appropriate measures to proactively secure their own—and their clients'—sensitive and private information.

Tracking Major Recent Ransomware Attacks

Approximately 16 months ago, the FBI and Department of Homeland Security warned MSPs that certain threat actors were planning large-scale attacks against them. In August of 2019, we saw the largest distributed ransomware attack encrypt and hold hostage the data of approximately 450 businesses and impact thousands of computers and servers. During Thanksgiving week, they hit 100 businesses and then, on December 24, approximately 1,300 businesses were victims.