Cyber Threats
Hinshaw Insurance Law TV – Cybersecurity Part One: Data Breach Notification
Defense In-Depth: Cybersecurity For Energy
Cyberside Chats: There is a war in Europe. What does that mean for your cyber insurance policy?
CF on Cyber: The Anatomy of a Ransomware Attack - Part 2
CF on Cyber: The Anatomy of a Ransomware Attack - Part 1
Cyber Insurance 101: What It Is And Why You Need It
Phishing and Vishing and Smishing (Oh my!): New Types of Scams Require Increased Vigilance
K&L Gates Triage: Cyber Insurance Issues for the Healthcare Industry
10th Anniversary Look Back - While 2014 may not really seem that long ago, consider this: In 2014, Tom Brady was still the quarterback of the New England Patriots, with nine years to go until his retirement from the NFL....more
Editor's Note: In a significant study from MIT's CSAIL, researchers have unveiled vulnerabilities in smartphone ambient light sensors, highlighting them as potential channels for privacy breaches. This discovery underscores...more
Why does it matter to you? In February of 2024, Change Healthcare, a prominent player in the healthcare industry, fell victim to a ransomware attack that sent shockwaves through its systems and networks. The incident...more
On May 24, 2023, Microsoft announced the detection of a direct threat to critical infrastructure organizations in Guam and elsewhere in the United States. The alert attributed observed malicious activity to a state-sponsored...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
Third-party vendors pose a significant risk - The greatest data privacy threat to companies is commonly thought to be that company’s employees. While employees can be a threat, the majority of data breaches and ...more
Before we jump into February developments — trigger warning if you are a Russian hacker — for those keeping track of breach notification requirements, the National Credit Union Administration (NCUA) Board approved a final...more
CYBERSECURITY - Cloaked Ursa Using Trusted Online Storage Services to Evade Detection - According to research by Palo Alto’s Unit 42, the most recent campaign by advanced persistent threat Cloaked Ursa (aka APT 20,...more
Report on Patient Privacy 22, no. 3 (March, 2022) - HHS said in early March that it was not aware of any specific threat to U.S. health care organizations stemming from the Russian invasion of Ukraine. “However, in the...more
CYBERSECURITY - CISA/FBI Advisory Warns of Destructive Malware Used Against Ukraine - The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint advisory this week alerting organizations of...more
Report on Patient Privacy 22, no. 2 (February, 2022) - Tensions between the U.S. and Russia could lead to a heightened risk of Russian state-sponsored cyberattacks on U.S. interests, including health care organizations,...more
CYBERSECURITY - ECRI Names Cybersecurity Attacks as Top Health Technology Hazard for 2022 - ECRI has been publishing its annual report of health technology hazards for the past 15 years. According to ECRI’s Device...more
CYBERSECURITY - CISA Issues Alert on Top Exploited Vulnerabilities - On July 28, 2021, the Cybersecurity & Infrastructure Security Agency (CISA) issued a cybersecurity alert entitled “Top Routinely Exploited...more
As summarized in the first installment of our two-part blog series, President Biden recently issued a sweeping Executive Order aimed at improving the nation’s cybersecurity defense. The Order is a reaction to increased...more
Crippling data breaches and sophisticated ransomware attacks are increasingly common threats to modern businesses. Ransomware attacks can not only target confidential company data and data collected from customers but...more
CYBERSECURITY - FBI and DHS/CISA Issue Joint Alert on Mamba Ransomware - The Federal Bureau of Investigations (FBI) recently issued a joint alert with the Department of Homeland Security/Cybersecurity Infrastructure and...more
CYBERSECURITY - NYDFS - Cybersecurity Certificate of Compliance Due April 15, 2021 The New York Department of Financial Services (DFS), which regulates certain covered entities and licensed persons in the financial...more
Selected Developments in U.S. Law - Alston & Bird Analyzes New California Privacy Rights Act - California voters approved a ballot initiative containing the California Privacy Rights Act of 2020. ...more
CYBERSECURITY - U.S. Organizations Doing Business in China Warned of Malware in Tax Software - The Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint...more
The Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint Flash Alert to U.S. based businesses doing business in China about a remote targeting campaign...more
COVID-19 is increasingly being used in a variety of malicious email phishing spams and attacks in countries such as the United States, Japan, Russia and China. These updates purport to be from official government agencies and...more
As people across the world react to the rapid spread of COVID-19, a new threat is emerging; individuals and employers face a risk from hackers trying to take advantage of the demand for information. Hackers have begun using...more
Researchers at Sentinel One and Dragos have detected malicious code, called EKANS or Snake, that has been designed specifically to target industrial control systems (ICS), including those of oil refineries, manufacturing...more
Ransomware attacks on municipalities were on the rise in 2019, with two-thirds of known ransomware attacks in the United States targeting governments, and the trend is expected to continue for 2020. It is important for...more
Community Health System, one of the largest health systems in the United States, has agreed to pay $4,500,000 to settle claims made against it arising from a 2014 data breach. The data breach, believed to be caused by malware...more