On December 6, 2024, the United States Court of Appeals for the D.C. Circuit upheld the constitutionality of the Protecting Americans from Foreign Adversary Controlled Applications Act (“Act”). The Act, signed into law by...more
In early October 2025, several media outlets reported that United States telecommunications services had been infiltrated by state affiliated threat actors linked to the People’s Republic of China (“PRC”). These reports were...more
On October 24, 2024, President Biden signed the first-ever National Security Memorandum (“NSM”) focused on artificial intelligence (“AI”), pursuant to subsection 4.8 of Executive Order 14110. The NSM provides guidance on...more
On October 1, 2024, the Department of Justice (“DOJ”) unsealed an indictment against Aleksandr Viktorovich Ryzhenkov (Александр Викторович Рыженков), a member of the ransomware group Evil Corp. The indictment charges...more
On Thursday, August 22, 2024, the United States Department of Justice (“DOJ”) filed a Complaint-In-Intervention in the case of United States of America ex rel. Christopher Craig and Kyle Koza, v. Georgia Tech Research Corp....more
On August 7, 2024, the 6th Circuit upheld a Chinese spy’s twenty-year prison sentence for attempting to steal aviation trade secrets from General Electric (GE). Yanjun Xu, a deputy director in China’s Ministry of State...more
On July 18, 2024, a federal jury in Delaware found that an online travel booking company violated the Computer Fraud and Abuse Act (CFAA) by accessing portions of a European airline’s website without permission and “with...more
On Monday, June 17, 2024, the Department of Justice (DOJ) announced a settlement in which two U.S. based consulting companies agreed to pay a combined total of $11.3 million to resolve allegations that they violated the False...more
On May 7, 2024, the United States unsealed an indictment against Dmitry Yuryevich Khoroshev, one of the leaders of the Russian-based ransomware group LockBit, for his alleged involvement in developing and distributing the...more
On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) published a notice of proposed rulemaking (NPRM) implementing the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA). For...more
On December 19, 2023, the Justice Department (“DOJ”) announced a disruption campaign against the Blackcat ransomware group. In the same press release, they also stated that the Federal Bureau of Investigation (“FBI”) had...more
On September 1, 2023, the U.S. District Court for the Eastern District of Pennsylvania unsealed a qui tam False Claims Act (“FCA”) lawsuit (originally filed on October 5, 2022) alleging Penn State University failed to provide...more
According to recent reports issued by Microsoft and U.S. government agencies, hackers recently exploited a gap in Microsoft’s cloud environment, enabling the malicious actors to access the email accounts of employees at the...more
Our Privacy, Cyber & Data Strategy and White Collar, Government & Internal Investigations teams offer key takeaways that companies should consider in the wake of the Justice Department’s first prosecution of a corporate...more
On September 12, 2022, the Cybersecurity and Infrastructure Security Agency (CISA) issued a request for information (RFI) seeking input from stakeholders on the Cyber Incident Reporting for Critical Infrastructure Act of 2022...more
Today, the Department of Justice (“DOJ”) updated its policy regarding charging violations under the Computer Fraud and Abuse Act (“CFAA”). This is the first update to the DOJ’s policy since 2014, and it is effective...more
On March 1, the Senate unanimously passed the Strengthening American Cybersecurity Act of 2022, which will require critical infrastructure companies to report significant cyber-incidents and all ransom payments to the...more
3/18/2022
/ Biden Administration ,
Covered Entities ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
New Legislation ,
Notice and Comment ,
Proposed Rules ,
Ransomware
At the heels of a recent Civil Cyber-Fraud Initiative related to cybersecurity practices and the False Claims Act (FCA), a cybersecurity-related FCA case has survived a motion for summary judgment, teeing up a trial to...more
2/7/2022
/ Compliance ,
Cyber Crimes ,
Cybersecurity ,
Data Protection ,
Data Security ,
Department of Defense (DOD) ,
Disclosure Requirements ,
False Claims Act (FCA) ,
Federal Contractors ,
Fraud ,
NASA ,
Popular
Russia’s Federal Security Service (“FSB”) issued a press release on January 14, 2022 claiming that it dismantled the REvil ransomware gang by arresting 14 suspected members and seizing computer equipment, luxury vehicles,...more
On January 16, 2022, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released a warning regarding destructive malware targeting Ukrainian organizations, including Ukrainian...more
Our Privacy, Cyber & Data Strategy and White Collar, Government & Internal Investigations teams answer the questions government contractors will have about how to evaluate the False Claims Act risks signaled by the Department...more
On October 6, 2021, Deputy Attorney General Lisa O. Monaco announced the launch of the Department of Justice’s Civil Cyber-Fraud Initiative. The Department plans to use civil enforcement tools to “pursue…those who are...more
On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an “Updated Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments.” While this advisory...more
On July 19, 2021, the Biden administration, along with a group of allies publicly accused the Chinese government of malicious cyber activities and irresponsible state behavior. The joint announcement states the U.S....more
7/21/2021
/ Biden Administration ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Security ,
Espionage ,
FBI ,
Hackers ,
National Security Agency (NSA) ,
Popular ,
Risk Management
When is it a good idea to challenge a government request for information, especially gag orders? Our Privacy, Cyber & Data Strategy Team summarizes the statutory, constitutional, and policy rules governing gag orders and...more