On July 19, 2021, the Biden administration, along with a group of allies publicly accused the Chinese government of malicious cyber activities and irresponsible state behavior. The joint announcement states the U.S. uncovered a wide array of cyberattacks by hackers with a history of working for the China’s Ministry of State Security (MSS). Importantly, the […]
Search Results for: ransomware
DOJ Seizure of Ransom Payment Signals More Aggressive Stance by U.S. Government
Following the creation of the DOJ’s Ransomware and Digital Extortion Task Force in April 2021 and on the heels of the Biden administration’s characterization of ransomware as a national security threat, on June 7, 2021, the DOJ announced it has seized $2.3 million (63.7 bitcoin) in proceeds from a recent ransom paid to DarkSide in […]
FBI Releases IC3 2020 Internet Crime Report Showing Record Increase in Cybercrime
The FBI’s Internet Crime Complaint Center (“IC3”) recently released its annual report, the 2020 Internet Crime Report (“Report”), which gathers statistics from nearly 800,000 complaints of suspected cybercrimes that the department received in 2020. This is a record number of complaints—a 69% increase from 2019—with reported losses exceeding $4.2 billion. According to the FBI, the […]
NYDFS Issues Best Practices for Cyber Insurance Risk Management
Against the backdrop of the disruptions associated with the Covid-19 pandemic and SolarWinds cyber-espionage campaign, NYDFS has released guidance for insurers that underwrite cyber insurance policies and which contains a number of provisions expected to impact companies applying for or renewing cyber insurance coverage, not the least of which is a specific recommendation that insurers […]
SEC Focused on Protecting Customer Accounts from Credential Stuffing Attacks
OCIE has released a risk alert regarding credential stuffing in the context of compliance with Regulation S-P and Regulation S-ID, and is encouraging firms to both (i) review and update their policies and procedures to address the risks associated with credential stuffing and (ii) consider proactive outreach to customers regarding measures taken to safeguard their […]