In 2023, a ransomware attack against Lehigh Valley Health Network by AlphV (BlackCat) involved the threat actors leaking nude photos of some cancer patients. In reporting on one of the first class action lawsuits launched against LVHN, DataBreaches pointed out how significant this situation and litigation might be, in part, because of the nude photos…
Category: Of Note
Malta’s Prime Minister Announces Legal Reform To Safeguard Ethical Hacking
Tim Diacono reports: Prime Minister Robert Abela announced plans to update the law to safeguard and regulate the practice of ‘white hat’ ethical hacking. In an interview on ONE this morning, Abela warned that a gap exists in the country’s legislative framework surrounding ethical hacking and cybersecurity. The Malta Digital Innovation Authority has drafted proposed…
Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure
From a Joint Cybersecurity Advisory summary: The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes…
Five Russian GRU Officers and One Civilian Charged for Conspiring to Hack Ukrainian Government
Six computer hackers, all of whom were residents and nationals of the Russian Federation (Russia), were charged in an indictment with conspiracy to commit computer intrusion and wire fraud conspiracy. Five of the defendants were officers in Unit 29155 of the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the General Staff of…
The Protection of Critical Infrastructure (Computer System) Bill: Hong Kong’s first specific cybersecurity legislation
Tommy Liu and Kenneth Cheung of Hogan Lovells write: In late June 2024, the Security Bureau of the Hong Kong SAR Government (the “Government”) proposed the first specific cybersecurity legislation in Hong Kong, tentatively entitled the Protection of Critical Infrastructure (Computer System) Bill (the “Bill”), to strengthen the security of the computer systems of critical…
Iran pays millions in ransom to end massive cyberattack on banks, officials say
Matthew Karnitschnig reports: A massive cyberattack that hit Iran last month threatened the stability of its banking system and forced the country’s regime to agree to a ransom deal of millions of dollars, people familiar with the case say. An Iranian firm paid at least $3 million in ransom last month to stop an anonymous…