The National Cyber Investigative Joint Task Force (NCIJTF) has released a new joint-seal ransomware fact sheet. This educational product is intended to provide the public important information on the current ransomware threat and the government’s response, as well as common infection vectors, tools for attack prevention, and important contacts in the event of a ransomware…
Category: Commentaries and Analyses
Rise in ransomware attacks mistakenly causing data destruction
Ionut Ilascu reports: More and more ransomware victims are resisting the extortionists and refuse to pay when they can recover from backups, despite hackers’ threats to leak the data stolen before encryption. This stance resulted in Q4 of 2020 seeing a significant decline in the average ransom payments compared to the previous quarter, says ransomware…
Google says it’s too easy for hackers to find new security flaws
Patrick Howell O’Neill reports: … according to new research from Maddie Stone, a security researcher at Google: that it’s far too easy for hackers to keep exploiting insidious zero-days because companies are not doing a good job of permanently shutting down flaws and loopholes. The research by Stone, who is part of a Google security…
Court Denies Motion for Class Certification in Employee W-2 Data Breach Litigation
Joseph Lazzarotti and d Maya Atrakchi of JacksonLewis write: In recent years, there has been an uptick of W-2 phishing scams, and their consequences for an employer extend well beyond leaked data, including potential employee class action litigation. Just last week, a federal court in Illinois rejected a motion for class certification in a data…
HITECH Amendment Provides Some Protection For Covered Entities and Business Associates that Adopt Recognized Security Standards
Anna D. Kraus, Libbie Canter, Tara Carrier, and Olivia Vega of Covington & Burling write: On January 5, 2021, an amendment to the Health Information Technology for Economic and Clinical Health (“HITECH”) Act was signed into law. The amendment requires the U.S. Department of Health and Human Services (“HHS”) to “consider certain recognized security practices of covered…
Ransomware payments are going down as more victims decide not to pay up
Danny Palmer reports: The average ransom paid to cyber criminals following a ransomware attack is falling as more companies become reluctant to give into extortion demands. Analysis by cybersecurity company Coveware has found that the average ransom payment paid following a ransomware attack decreased by a third in the final quarter of 2020, dropping to $154,108 from $233,817…