
Counsel For Navigating The Growing Ransomware Threat


Ransomware targets a broad range of companies, with a particular rise in healthcare and other sensitive sectors. It is increasing so rapidly that ransomware payments are set to nearly double. The nature of the threat, the high stakes, and the immense pressure these attacks place on their victims make trusted counsel a priority for navigating the ransomware crisis. As ransomware lawyers, we help clients prepare for and respond to cyberattacks such as ransomware in a manner that comprehensively accounts for both legal and business considerations.

Preparation is critical to ensuring an orderly and optimal response to any future cyberattack or ransomware incident, so instituting a formal plan should be prioritized. In addition, tabletop exercises, testing, and reinforcement of technical and physical security play a crucial role in protecting against ransomware, limiting damage should an incident occur, and mitigating liability post-incident. Ransomware insurance is also integral to the planning phase. With proper planning, the ransomware threat can be mitigated if not wholly neutralized. We see encouraging signs, for example, in the decrease in ransomware payments, which signals that better-prepared companies no longer have to give in to high demands out of desperation to regain access to critical systems. Still, many companies find themselves backed into a corner when ransomware comes into play, to the extent that some companies are paying attackers multiple times.

Responding to a ransomware incident, including demands for payment, is also multi-pronged. First, the response should align with an established ransomware incident response plan that ensures actions are legally compliant, protected by the attorney-client privilege, and otherwise orderly and astute. One of the core considerations for response is ensuring compliance with the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) Specially Designated Nationals and Blocked Persons List (SDN List). Advisory guidance from OFAC is especially relevant when the ransomware payment demand is for a cryptocurrency such as Bitcoin. In such a scenario, attributing the demand to a specific actor is often difficult, which makes checking the sanctions list challenging. Still, due diligence, such as notifying the appropriate agencies, including law enforcement, and performing a search of OFAC's SDN List, which now also lists crypto wallet addresses, will go a long way toward mitigating enforcement action.

While cyberattacks in general and ransomware incidents in particular are highly dynamic areas of the law, we take pride in staying on the cutting edge of developments in the space to provide clients with effective counsel.


Learn How RICHT Can Help You Navigate Ransomware Challenges



    Ransomware News

    The Record

    Ransomware Payments Doubled To More Than $1 Billion In 2023

    Companies, individuals and other victims of ransomware attacks paid hackers more than $1.1 billion in 2023 in exchange for unlocking their data, according to new research.

    Ransomware Law
    CNBC

    China’s ICBC, The World’s Biggest Bank, Hit By Ransomware Cyberattack

    ICBC, the world’s largest lender by assets, said Thursday its financial services arm experienced a ransomware attack “that resulted in disruption to certain” systems.

    Ransomware Law
    The New York Times

    Hundreds of Businesses, From Sweden to U.S., Affected by Cyberattack

    In Sweden, a grocery chain temporarily closed its doors after the attack. Some companies have been asked for $5 million in ransom.

    Ransomware Law

    Privacy & Cybersecurity Practice Insights