National Security

U.S. Takes Unprecedented Action to Disrupt State-Sponsored Exploitation of Microsoft Exchange Zero-Day Vulnerabilities

April 19, 2021 By Kim Peretti and Kate Hanniford

On April 13, 2021, a federal district court granted a motion to partially unseal an FBI application and search warrant following the successful conclusion of an FBI operation to eradicate malicious web shells placed on U.S.-based computers by Chinese state-sponsored actors. The FBI’s use of credentialed, remote access techniques to access, copy, and remove malware […]

President Biden Issues Executive Order on America’s Supply Chains

February 28, 2021 By Privacy, Cyber & Data Strategy Team

On February 24, 2021, President Biden announced a new Executive Order on America’s Supply Chains. The Order provides for two key initiatives, including a 100-day review of the supply chains for certain vital products and a long-term review of supply chains in six different sectors of the U.S. economy, including the information and communications technology […]

SolarWinds Hack: Unparalleled Supply Chain Attack Results in Potential Compromise of Private and Public Sector Organizations

December 17, 2020 By Kim Peretti and Privacy, Cyber & Data Strategy Team

On Sunday, December 13, 2020, SolarWinds announced that it had learned of a “highly sophisticated, manual supply chain attack” by a nation state affecting its Orion Platform, which is used by a wide variety of public and private sector organizations for IT infrastructure monitoring and management. In this attack, adversaries were able to compromise the […]

DOJ Announces Indictment of Russian Hackers for Destructive Cyber-Attacks, Including Deployment of NotPetya and Olympic Destroyer Malware

October 21, 2020 By Privacy, Cyber & Data Strategy Team

On October 19, 2020, the Department of Justice (DOJ) announced that six Russian GRU officers had been charged in connection with a series of destructive cyber-attacks that affected victims around the globe and caused billions of dollars of damage. The Russian hackers are alleged to be a part of the group known as Sandworm, which […]

EU Announces First Sanctions under EU Cyber Sanctions Regime

July 31, 2020 By Privacy, Cyber & Data Strategy Team

On July 30, 2020, the European Council announced sanctions against six individuals and three organizations for their involvement in a series of cyber-attacks that have caused significant damage in the EU and around the world over the last several years. The announcement follows the EU’s adoption last year of Decision (CFSP) 2019/797, which established the […]