The Strengthening American Cybersecurity Act of 2022, a bill that narrowly failed to become law last year, was passed in the Senate on Tuesday, March 1 as a package of cybersecurity measures that would require operators of critical infrastructure and federal civilian agencies to report cyber incidents to the Department of Homeland Security’s Cybersecurity and […]
Ransomware
Russia Arrests Suspected Members of REvil Ransomware Gang
Russia’s Federal Security Service (“FSB”) issued a press release on January 14, 2022 claiming that it dismantled the REvil ransomware gang by arresting 14 suspected members and seizing computer equipment, luxury vehicles, bitcoin, and fiat currency valued at over $1 million. REvil is a notorious cybercriminal organization that claimed responsibility for a ransomware attack last […]
NYDFS Issues Guidance on Cybersecurity Controls to Combat Ransomware and Clarifies Reporting Obligations
The New York Department of Financial Services (NYDFS) issued new guidance this week intended to assist organizations in thwarting ransomware attacks. The guidance clarifies the NYDFS’ expectation that NYDFS-regulated companies should “implement these controls whenever possible” and report any successful deployment of ransomware or unauthorized access to privilege accounts to the NYDFS under its established […]
State Legislatures Consider Bans on Ransomware Payments
As ransomware attacks continue to dominate the news cycle, legislation has recently been introduced in several states that would place limits on certain entities’ ability to pay a ransom payment in the event of a ransomware attack. Although the proposed limits would generally apply to state agencies and other local governmental authorities, certain state proposals […]
DOJ Seizure of Ransom Payment Signals More Aggressive Stance by U.S. Government
Following the creation of the DOJ’s Ransomware and Digital Extortion Task Force in April 2021 and on the heels of the Biden administration’s characterization of ransomware as a national security threat, on June 7, 2021, the DOJ announced it has seized $2.3 million (63.7 bitcoin) in proceeds from a recent ransom paid to DarkSide in […]