Search Results for “ransomware”

Automated Decision Making

Erez Liebermann to speak at Incident Response Forum Ransomware 2024

By: Erez Liebermann December 12, 2023

On Thursday, January 18, 10:00-10:45 AM (ET), Erez Liebermann will speak at Incident Response Forum Ransomware 2024 on a virtual panel entitled “Ransomware Attacks: The SEC, NYDFS and Other Regulatory…

Ransomware

Lessons Learned from DOJ’s Takedown of Hive Ransomware

By: Luke Dembosky, Avi Gesser, Erez Liebermann and Mengyi Xu January 27, 2023

On January 26, 2022, the FBI, DOJ, and international law enforcement partners dropped a bombshell of an announcement: they had dismantled the infrastructure of one of the most prolific ransomware…

Ransomware

Erez Liebermann Discussed New Regulatory Requirements and Guidance at Incident Response Forum Ransomware 2023

By: Erez Liebermann January 25, 2023

On Thursday, January 12, 2023 at 3:00 PM EST Erez Liebermann spoke on a virtual panel entitled The Changing Tides of Regulation: Navigating New Regulatory Requirements and Guidance Around Cybersecurity…

Automated Decision Making

OFAC and FinCEN Update Ransomware Guidance to Include New Red-Flag Indicators and Additional Sanctions Designations

By: Luke Dembosky, Avi Gesser, Satish Kini, Aseel Rabie, HJ Brehmer and Andreas Constantine Pavlou November 9, 2021

On November 8, 2021, the U.S. Department of the Treasury (“Treasury”) announced a new set of sanctions against criminal ransomware actors, the virtual currency exchange Chatex, and three companies providing…

Enforcement

OFAC’s Ransomware Advisory Part 2 – How Banks Can Reduce Their Sanctions Risk for Client Cyber Ransom Payments

By: Luke Dembosky, Avi Gesser, Satish Kini, HJ Brehmer and Scott M. Caravello October 4, 2021

On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Asset Control (“OFAC”) released an updated advisory (the “Advisory”) on the sanctions risks associated with facilitating ransomware…

Enforcement

Improved Cybersecurity Can Mitigate Sanctions Risk and Other Takeaways from the Latest OFAC Advisory on Ransomware

By: Luke Dembosky, Avi Gesser, Satish Kini, HJ Brehmer and Sarah Q. Smith September 23, 2021

On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) issued an updated advisory (the “Advisory”) on sanctions risks associated with payments to threat…

Enforcement

Companies Face Increased Sanctions Risk for Making Ransomware Payments — Takeaways from the Latest OFAC and FinCEN Advisories

By: Luke Dembosky, Jeremy Feigelson, Avi Gesser, Satish Kini, Paul Rodel, David Sewell, Martha Hirst, Robert Maddox, Zila Reyes Acosta-Grimes and Mengyi Xu October 6, 2020

Earlier this year, we shared a list of 13 technical and nontechnical measures companies can adopt to mitigate the risks of ransomware attacks. With ransomware and other malicious cyber-related attacks…

Cybersecurity

Preparing for and Responding to Ransomware Attacks: Thirteen Lessons from the NIST Framework and Recent Events

By: Luke Dembosky, Avi Gesser, Christopher S. Ford, Robert Maddox, Friedrich Popp, HJ Brehmer and Mengyi Xu June 18, 2020

Ransomware attacks continue to plague businesses across the globe. As companies enhance their defenses, attackers increase the sophistication of their software and its deployment. Ransomware attacks used to be limited…

Announcement

Webcast – Ransomware 2.0 – A Discussion with David Wong of FireEye Mandiant on the Evolving Threat Landscape, Risk Mitigation Strategies, and Legal and Practical Considerations

By: Avi Gesser and HJ Brehmer June 17, 2020

On June 23, 2020, please join Avi Gesser and HJ Brehmer from Debevoise’s Data Strategy & Security Group, along with our special guest, Dave Wong, VP at FireEye Mandiant, for…

CISA

CISA Proposes Major Reporting Obligations for Critical Infrastructure

By: Avi Gesser, Luke Dembosky, Jim Pastore, Erez Liebermann, Caroline Novogrod Swett, HJ Brehmer, Gabriel Kohan, Michael R. Roberts, Stephanie Thomas and Annabella M. Waszkiewicz April 8, 2024

Adding to the growing number of cybersecurity incident reporting obligations, the Cybersecurity and Infrastructure Security Agency (“CISA”) has introduced a reporting requirement that will impact all critical infrastructure sectors, featuring…