Ransomware targeting a broad range of companies is rapidly increasing to the extent that ransomware payments are set to nearly double in 2021. The nature of the threat, the high stakes, and the immense pressure these attacks levy on their victims make having trusted counsel a priority for navigating the ransomware crisis. As counsel, we help clients prepare and respond to cyberattacks such as ransomware in a manner that comprehensively accounts for both legal and business considerations.
Preparation is critical to ensuring an orderly and optimal response to any future cyberattack ransomware incidents, so instituting a formal plan should be prioritized. In addition, tabletop exercises, testing, and reinforcement of technical and physical security also play a crucial role in protecting against ransomware, limiting damage should an incident occur, and mitigating liability post-incident. Further, ensuring the inclusion of ransomware insurance is also integral in the planning phase.
Responding to a ransomware incident, including demands for payment, is also multi-pronged. First, the response should align with an established ransomware incident response plan which assures that actions are legally compliant, protected by the attorney-client privilege, and are otherwise orderly and astute. One of the core considerations for response includes ensuring compliance with the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) Specially Designated Nationals and Blocked Persons List (SDN List). Advisory from OFAC is especially relevant when the ransomware payment demand is for a cryptocurrency such as Bitcoin. Often, in such a scenario attributing the demand to a specific actor is difficult, making checking the sanctions list challenging. Still, due diligence, such as notifying the appropriate agencies, including law enforcement and performing a search of OFAC's SDN List, which now also lists crypto wallet addresses, will go a long way toward mitigating enforcement action.
While cyberattacks in general and ransomware incidents in specific are highly dynamic areas of the law, we take pride in staying on the cutting edge of developments in the space to provide clients with effective counsel.
