Financial and insurance organizations have been under increasing attack by Scattered Spider. Now there is more guidance for entities. Hunton Andrews Kurth notes:
On May 14, 2024, the UK National Cyber Security Centre (“NCSC”) and three major UK insurance associations (Association of British Insurers (“ABI”), British Insurance Brokers’ Association (“BIBA”) and International Underwriting Association (“IUA”)), published joint guidance on the approach to ransom payments (the “Guidance”). The Guidance was prepared for businesses experiencing a ransomware attack with the aim of reducing the overall impact of the incident on the business. The Guidance is intended, among other things, to reduce the number of ransoms paid by ransomware victims in the UK, and the size of the ransoms paid in cases where the victims do elect to pay.
The Guidance provides details on “things to consider” when experiencing a ransomware attack.
Read more at Privacy & Information Security Law Blog.