Counsel For Navigating The Growing Ransomware Threat
Ransomware targets a broad range of companies, with a particular rise in healthcare and other sensitive sectors. The threat is increasing so rapidly that ransomware payments are set to nearly double. The nature of the threat, the high stakes, and the immense pressure these attacks place on their victims make trusted counsel a priority for navigating the ransomware crisis. As ransomware lawyers, we help clients prepare for and respond to cyberattacks such as ransomware in a manner that comprehensively accounts for both legal and business considerations.
Preparation is critical to ensuring an orderly and optimal response to any future cyberattack or ransomware incident, so instituting a formal plan should be prioritized. In addition, tabletop exercises, testing, and reinforcement of technical and physical security play a crucial role in protecting against ransomware, limiting damage should an incident occur, and mitigating liability post-incident. Securing ransomware insurance is also integral to the planning phase. With proper planning, the ransomware threat can be mitigated if not wholly neutralized. We see encouraging signs, for example, in the decrease in ransomware payments, which signals that better-prepared companies no longer have to give in to high demands out of desperation to regain access to critical systems. Still, many companies find themselves backed into a corner when ransomware comes into play, to the extent that some are paying attackers multiple times.
Responding to a ransomware incident, including demands for payment, is also multi-pronged. First, the response should align with an established ransomware incident response plan, which ensures that actions are legally compliant, protected by the attorney-client privilege, and otherwise orderly and astute. One of the core considerations for response is ensuring compliance with the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) Specially Designated Nationals and Blocked Persons List (SDN List). OFAC's advisory is especially relevant when the ransomware payment demand is for a cryptocurrency such as Bitcoin. In such a scenario, attributing the demand to a specific actor is often difficult, which makes checking the sanctions list challenging. Still, due diligence, such as notifying the appropriate agencies, including law enforcement, and searching OFAC's SDN List, which now also lists crypto wallet addresses, will go a long way toward mitigating enforcement action.
While cyberattacks in general, and ransomware incidents in particular, are highly dynamic areas of the law, we take pride in staying on the cutting edge of developments in the space to provide clients with effective counsel.
- Ransomware Incident Response Plans
- Securing Ransomware Insurance Coverage
- Advisory On Security Legal Requirements
- Ransomware Response & Reporting
- Ensuring Protection Under Attorney-Client Privilege & Attorney Work Product
- U.S. Treasury Department Office of Foreign Assets Control (OFAC) Sanctions Due Diligence & Ransomware Payment Advisory
Learn How RICHT Can Help You Navigate Ransomware Challenges