On April 15, 2021, the Biden Administration took a significant step in announcing sanctions against the Russian Government and private Russian entities for multiple internationally-destabilizing activities, including the Russian Foreign Intelligence Service’s (SVR) supply chain attack of the SolarWinds Orion platform and other technology infrastructures. In addition to the sanctions, the Administration also provided practical […]
National Security & Digital Crimes
U.S. Takes Unprecedented Action to Disrupt State-Sponsored Exploitation of Microsoft Exchange Zero-Day Vulnerabilities
On April 13, 2021, a federal district court granted a motion to partially unseal an FBI application and search warrant following the successful conclusion of an FBI operation to eradicate malicious web shells placed on U.S.-based computers by Chinese state-sponsored actors. The FBI’s use of credentialed, remote access techniques to access, copy, and remove malware […]
NYDFS Announces Cybersecurity Settlement, Addresses Multi-Factor Authentication Rules
On April 14, 2021, the New York Department of Financial Services (“NYDFS”) announced a settlement with National Securities Corporation (“National Securities”), a licensed insurer, in connection with claims under the NYDFS Cybersecurity Regulation (23 NYCRR Part 500). The consent order requires payment of a $3M penalty and mandatory remediation in response to alleged failures to […]
NYDFS Reports Major Cybersecurity Settlement
In early March, the New York Department of Financial Services (NYDFS) announced a settlement involving a $1.5M penalty and mandatory remediation in response to a mortgage lender’s alleged failure to report a cyber breach, and other alleged cybersecurity failures. This enforcement action marks the second public enforcement action under 23 NYCRR Part 500 (the “Cybersecurity […]
President Biden Issues Executive Order on America’s Supply Chains
On February 24, 2021, President Biden announced a new Executive Order on America’s Supply Chains. The Order provides for two key initiatives, including a 100-day review of the supply chains for certain vital products and a long-term review of supply chains in six different sectors of the U.S. economy, including the information and communications technology […]