National Security & Digital Crimes

DOJ Seizure of Ransom Payment Signals More Aggressive Stance by U.S. Government

June 10, 2021 By Kate Hanniford

Following the creation of the DOJ’s Ransomware and Digital Extortion Task Force in April 2021 and on the heels of the Biden administration’s characterization of ransomware as a national security threat, on June 7, 2021, the DOJ announced it has seized $2.3 million (63.7 bitcoin) in proceeds from a recent ransom paid to DarkSide in […]

The Supreme Court Narrows The Scope of The Computer Fraud and Abuse Act

June 3, 2021 By Privacy, Cyber & Data Strategy Team

Today, the Supreme Court issued a long-awaited decision in Van Buren v. United States interpreting the meaning of “exceeds authorized access” under the Computer Fraud and Abuse Act (“CFAA”). The 6-3 majority, led by Justice Barrett and joined by Justices Breyer, Sotomayor, Kagan, Gorsuch, and Kavanaugh, rejected the Government’s broad definition of this phrase. While […]

New York and Illinois Regulators Recommend Third Party Cybersecurity Review For Specific Vulnerabilities

May 21, 2021 By James Harvey and Privacy, Cyber & Data Strategy Team

This month, the Illinois Department of Insurance issued guidance to insurers recommending assessments in response to a Microsoft Exchange vulnerability, detailed in the guidance. In the Bulletin dated May 5, the Department encourages regulated entities to “assess the risk to their systems and consumers and take steps necessary to address vulnerabilities and customer impact.” The […]

Swire Report Addresses EU Data Localization Comments, Portuguese Order Restricting U.S. Data Flow

May 3, 2021 By Privacy, Cyber & Data Strategy Team

In November, the European Data Protection Board (EDPB) issued draft guidance regarding transfers of personal data from the European Union. That guidance has prompted nearly 200 comments from companies, trade groups, and interested observers. Senior Counsel Peter Swire, along with co-author DeBrae Kennedy-Mayo, has now published a report reviewing these comments through the Cross Border […]

NYDFS Issues Report on the SolarWinds Attack and Covered Entities’ Responses

April 29, 2021 By Kate Hanniford

Following the SolarWinds cyber espionage attack (the “Attack”) and the resulting focus on supply chain risk, the New York Department of Financial Services (NYDFS) has issued a report detailing the impact on and responses by its regulated covered entities to the Attack. Although there have been no reported instances of active exploitation of DFS-regulated companies […]