HHS Ransomware Report Details Revival of Dangerous LOTL Cyberattack

Share

On May 5, 2022, the U.S. Department of Health and Human Services (HHS) issued a report entitled “Ransomware Trends in the HPH Sector” (HHS Report) that reviewed key cybersecurity threats and trends affecting the U.S. healthcare sector.

Continue reading “HHS Ransomware Report Details Revival of Dangerous LOTL Cyberattack”

Congress Passes New Cyber Incident and Ransomware Payment Reporting Legislation

Share

The United States Congress recently passed legislation that includes new cybersecurity provisions requiring critical infrastructure providers to report cyber security incidents, including the payment of ransom, to the federal government. The bill, also known as the “Strengthening American Cybersecurity Act of 2022,” passed the Senate by unanimous vote on March 1. It then passed the House of Representatives and was signed into law by President Biden on March 15, 2022.

Continue reading “Congress Passes New Cyber Incident and Ransomware Payment Reporting Legislation”

FBI Announces Increased Focus on Illegal Financial Transactions Involving Cryptocurrency

Share

Cryptocurrency has increasingly become an accepted form of financial exchange. However, it has also become a favored form of payment for cyber criminals.

In an effort to deter the use of cryptocurrencies in furtherance of criminal activity, the Federal Bureau of Investigation recently announced the formation of a Virtual Asset Exploitation Unit (VAXU). The VAXU will combine various investigatory, technical, and analytical resources, and the unit is charged with tracking the illicit use of cryptocurrencies and assisting in their seizure. This announcement follows close on the heels of the recent U.S. Department of Justice appointment of veteran federal prosecutor Eun Young Choi as the first director of the newly-created National Cryptocurrency Enforcement Team (NCET).

Continue reading “FBI Announces Increased Focus on Illegal Financial Transactions Involving Cryptocurrency”

FTC Warns Companies to Fix Vulnerabilities Associated with Log4j

Share

The Federal Trade Commission (FTC) recently warned private entities to remediate any ongoing Log4j vulnerabilities present within their networks or face possible enforcement action.

Log4j is used to record activities in a wide range of systems, sites, and software found in online products and services. Recently, a serious vulnerability in this popular software was discovered. This vulnerability poses a severe risk to millions of users. Most importantly, the Log4j vulnerability is being widely exploited by a growing set of attackers.

Continue reading “FTC Warns Companies to Fix Vulnerabilities Associated with Log4j”

U.S. Cybersecurity Officials Issue New Warning Regarding Threats to Critical Infrastructure

Share

On January 11, 2022, the U.S. Department of Homeland Security’s Cyber Security and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) issued a joint advisory, warning of an increasing cybersecurity threat posed by Russian state-backed threat actors to U.S. critical infrastructure.

Continue reading “U.S. Cybersecurity Officials Issue New Warning Regarding Threats to Critical Infrastructure”

OFAC Issues Sanctions Compliance Guidance for Virtual Currencies

Share

In October, the United States Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) published new guidance for the virtual currency industry focusing on compliance with the financial industry’s obligations related to U.S. economic sanctions.

OFAC administers and enforces economic sanctions against targeted and/or sanctioned foreign countries, geographic regions, entities, and individuals to further U.S. foreign policy and national security goals.

As noted in the new guidance, virtual currencies now playing an increasingly prominent role in the global economy. The growing relevance of virtual currency, both as an investment and as a payment method, brings greater exposure to sanctions risks. Specifically, there is an increased risk that a sanctioned entity or an entity in a jurisdiction subject to sanctions might use virtual currency as an alternative to fiat currency in an effort to avoid U.S. sanctions. As such, the OFAC guidance specifically targets technology companies, virtual currency exchanges, virtual currency administrators, virtual miners, digital currency wallet providers, and users.

Continue reading “OFAC Issues Sanctions Compliance Guidance for Virtual Currencies”