Morrison Foerster is an international law firm with lawyers practicing throughout the United States, Asia, and Europe. Click to discover more.

mofo_share_image.jpg

Morrison Foerster

common-default.jpeg

Terms / Notices

Cookies

Privacy Policy

Reporting Hotline

Attorney Advertising

Alumni

  Linkedin

MoFo LinkedIN

  Facebook

MoFo Facebook

YouTube

MoFo Youtube

Morrison Foerster - Footer

Anatomy of a Ransomware Attack

You have not solved the recaptcha challenge yet or session expired, try again.

Email Disclaimer

Disclaimer

Unsolicited e-mails and information sent to Morrison Foerster will not be considered confidential, may be disclosed to others pursuant to our <a href="https://www.mofo.com/about/privacy-policy.html">Privacy Policy</a>, may not receive a response, and do not create an attorney-client relationship with Morrison Foerster. If you are not already a client of Morrison Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.

Feedback

mofo-logo-2022.svg

People

Capabilities

Resources

About

Community

Offices

Careers

Stay Connected

National and global ransomware cases continue to come to light, allowing us to develop a comprehensive picture of the national and economic security threats we face from ransomware groups. As they do, we gain insight on the infrastructure and networks

<h3>Sorry, we weren’t able to find the terms you entered.</h3>Please try a different term or keyword.

People

Capabilities

Resources

Not Found Cards

<a class="btn btn-long btn-outline-orange" href="https://www.veracast.com/webcasts/mofo/mcle_programs/WD9KdJ.cfm">VIEW NOW</a>National and global ransomware cases continue to come to light, allowing us to develop a comprehensive picture of the national and economic security threats we face from ransomware groups. As they do, we gain insight on the infrastructure and networks that allow these threats to persist and study the various components of an attack to develop strategies that enhance companies resiliency.Join MoFo partners Brandon Van Grack, Alex Iftimie, and Miriam Wugmeister for a Data Protection Masterclass Webinar where they will discuss everything you want to know about ransomware but have not been able to ask.Topics to be addressed include:<ul><li>Should you click on the link in a ransomware note?</li><li>Should you notify law enforcement and when?</li><li>Should you engage a third party negotiator?</li><li>What do you do if the threat actor is a sanctioned entity?</li><li>How do you document your decision to pay or not to pay?</li><li>Should you purchase bitcoin in case you need to pay?</li></ul>If you were unable to attend our recent webinar, please find a link to the <a target="_blank" href="https://www.veracast.com/webcasts/mofo/mcle_programs/WD9KdJ.cfm">on-demand replay</a>, which will remain active through January 5, 2022. We hope it will provide worthwhile and practical takeaways for your organization. For additional information on this and related topics, visit our <a href="/special-content/cybersecurity-resources/">Cybersecurity Resource Center</a><a class="btn btn-long btn-outline-orange" href="https://www.veracast.com/webcasts/mofo/mcle_programs/WD9KdJ.cfm">VIEW NOW</a><hr>

Anatomy of a Ransomware Attack

Sign Up

Few lawyers in the world have Miriam’s breadth and understanding of privacy and data security laws, obligations, and practices. As co-chair of Morrison Foerster’s preeminent global Data, Cyber + Privacy Group, leading 60+ lawyers, Miriam is regularly called upon by some of the world’s largest and most complex multinational organizations to confront their most difficult U.S. and international privacy and cybersecurity challenges. Miriam is a trusted advisor who provides legal and strategic advice on all areas of international privacy and data protection issues. She works with global companies on the planning and execution of complex global compliance efforts and helps them find practical solutions to use and manage personal information in every country in the world. She also defends regulatory matters relating to privacy and cybersecurity in the United States and internationally and advises on the Department of Justice Bulk Data Rules. Her counsel is particularly prized for cybersecurity preparedness and breach response. Miriam and her team have navigated some of the largest and most consequential cybersecurity incidents in history, including assisting Mandiant when it discovered and warned the world about the SolarWinds compromise. Having helped hundreds of clients respond to breaches, Miriam is frequently called upon to advise and educate boards of directors regarding cybersecurity and the key role that boards play in understanding and overseeing the potential risks. Miriam works with companies to develop comprehensive customized incident response plans, train staff, conduct extensive tabletop exercises, and address key issues with executive management. While she regularly advises clients on responses to ransomware attacks and other cyber extortion incidents, she works on all aspects that arise in the context of large security incidents, including communication strategies, notifications to customers, consumers, and regulators; public disclosures; interactions with law enforcement globally; litigation; and investigations by regulators around the world.Miriam serves as a board member of the ADP AI & Data Ethics Committee and is a leader in MoFo’s AI Group, a cross-practice team that provides sophisticated, full-service representation to a wide range of clients with companies that both develop and use cutting-edge, rapidly changing technology in the AI space. Miriam uses her extensive industry experience and collaborative global approach to help her clients integrate the newest trends and developments in AI with their business needs.Recognized as a market leader by all major directories, Miriam has been ranked in the top tier of privacy and data security lawyers worldwide by Chambers USA and Chambers Global for well over a decade. She was an inaugural inductee into The Legal 500 Hall of Fame, which is comprised of outstanding U.S. lawyers who have been recommended as The Legal 500’s Leading Lawyers for the last six consecutive years. The Cybersecurity Docket has recognized Miriam as one of its Incident Response 50, a list of the top data breach response lawyers globally. She has been named one of Financial Times’ Top 10 Innovative Lawyers in North America and a National Law Journal Cybersecurity and Data Privacy Trailblazer for her breakthrough work in this space. Miriam was also previously designated as an Ethisphere Attorney Who Matters and a BTI Client Service All-Star. A frequent commentator on cybersecurity, she has been interviewed by media outlets including CNBC, The New York Times, and The Wall Street Journal, among many others.

Miriam Wugmeister

Global Chair of Data, Cyber + Privacy

Brandon L. Van Grack helps lead Morrison Foerster’s National Security group and the Crisis Management group. His practice focuses on investigations, criminal defense, and compliance matters involving export controls and sanctions, foreign investment, and cyber incidents. Brandon’s arrival to the firm follows more than a decade of service at the U.S. Department of Justice (DOJ), where he held multiple senior positions. In those positions, he helped manage the U.S. government’s tools to address perceived national security threats in China and Russia, oversaw every criminal investigation involving sanctions and export controls, and was Chief of DOJ’s Foreign Agents Registration Act (FARA) Unit.Brandon’s leadership and breadth of national security experience offers clients in the financial services, technology, artificial intelligence, defense, media, and communications sectors unmatched insider enforcement perspective across the entire national security landscape, including sanctions, the Committee on Foreign Investment in the United States (CFIUS), export control, cybersecurity matters, and FARA.<blockquote>“Brandon sees around corners. He tells me where the government is going.” – Chambers USA</blockquote><h4>Investigations & White Collar Defense </h4>At the DOJ, Brandon led and supervised some of the government’s most significant corporate investigations and resolutions across the national security spectrum. As Counsel to the Assistant Attorney General for National Security, and a Trial Attorney in the Counterintelligence & Export Control Section, he worked on the resolution of almost every significant corporate matter pertaining to export control and sanctions violations in the last decade and is one of the few attorneys to have managed the DOJ’s Voluntary Self‑Disclosure Program for export control and sanctions violations. As Chief of the FARA Unit, he directed scores of investigations of companies for acting as unregistered foreign agents. A selection of Brandon’s investigation & white collar defense experience includes:<ul><li>Obtained closure letter from DOJ for Cole Engineering Services, a subsidiary of By Light Professional IT Services LLC, less than six months after federal agents executed a search warrant at the company as part of a DOJ investigation.</li><li>Obtained declination from DOJ’s Criminal Fraud Section and United States Attorney’s Office for a prominent advertising and marketing agency concerning allegations that the company insiders improperly obtained and used Paycheck Protection Program (PPP) funds.</li></ul><h4>Sanctions, Export Control, & Foreign Investment</h4>As Counsel to the Assistant Attorney General, Brandon oversaw every criminal investigation involving export control and sanctions and led the DOJ’s response to the Obama Administration’s rollback of sanctions targeting Iran—the Joint Comprehensive Plan of Action (JCPOA). As a Trial Attorney, he prosecuted more than 30 export control and sanctions cases, including first-ever cases involving North Korea, weapons of mass destruction, and the Atomic Energy Act. In the first Trump Administration, Brandon led DOJ’s review of transactions involving foreign influence before CFIUS and Team Telecom; he also managed the DOJ’s review of transactions before CFIUS during the Obama Administration. A selection of Brandon’s sanctions, export control, & foreign investment experience includes:<ul><li>Obtained declination from DOJ and Department of State for individual accused of violating the International Traffic in Arms Regulations (ITAR) and brokering.  </li><li>Obtained declination from DOJ for CEO of a global technology company subject to criminal and civil investigations into alleged violations of the Export Administration Regulations (EAR).</li><li>Obtained license on an expedited timeline from the Bureau of Industry and Security (BIS) for a U.S. technology and manufacturing company to winddown operations in Russia.</li><li>Represent global retailer to conduct internal investigation and draft disclosures to civil authorities pertaining to potential apparent violations of U.S. sanctions and export controls laws.</li><li>Developed U.S. sanctions compliance program for artificial intelligence company and advised on implementation, including ongoing support for compliance processes and procedures.</li><li>Led internal investigation and submitted response to OFAC subpoena for software development company regarding potential violations of multiple sanctions programs; obtained cautionary letter.</li><li>Conducted international investigation concerning federal and state material support statutes as well as related sanctions issues for prominent international organization.</li><li>Represented cryptocurrency exchange before CFIUS in one of the largest cryptocurrency-related transactions and first filing involving digital assets before the Committee.</li><li>Represented Kahoot!, a global learning platform company based in Norway, in CFIUS matters related to its acquisition of Clever Inc.</li><li>Successfully petitioned Customs and Border Protection (CBP) for the release of seized property and resolved related export control disclosures with the Department of State with a “no action” letter.  </li></ul><h4>FARA & the Lobbying Disclosure Act</h4>As Chief of the FARA Unit in the first Trump Administration, and the first official to supervise all foreign influence matters across the DOJ, Brandon revitalized and transformed the enforcement of FARA. Following the DOJ’s announcement making FARA an enforcement priority, he supervised a team of 40 attorneys and staff that opened a record number of investigations, pursued a record number of enforcement actions, secured a record number of registrations, and obtained the first civil injunction involving FARA in nearly three decades. Brandon also directed the review of Lobbying Disclosure Act (LDA) filings for criminal violations and regulated the exemption under FARA for LDA registrants. He also wrote the book on FARA enforcement for the American Bar Association. A selection of Brandon’s FARA & Lobbying Disclosure Act experience includes:<ul><li>Obtained first-ever closure letter from DOJ FARA Unit for a technology company under investigation for potential FARA violations.</li><li>Obtained declination from DOJ for sports organization in connection with a FARA investigation. </li></ul><h4>Cybersecurity </h4>As a long-time prosecutor, including as a Special Assistant U.S. Attorney for the U.S. Attorney’s Office for the Eastern District of Virginia, Brandon directed complex cyber investigations, including multiple matters involving state-sponsored cyber attacks. He prosecuted the first person convicted as a cyberterrorist and led the investigation of an international hacking group for identity theft, extortion, and dozens of spearphishing attacks against public and private entities. He also collaborated with other government agencies, such as the Securities and Exchange Commission, Federal Bureau of Investigation, and the Department of Homeland Security, to facilitate cooperation from corporate victims and disseminate threat information. A selection of Brandon’s cybersecurity experience includes:<ul><li>Obtained assistance from FBI and local enforcement for a data and analytics firm to disrupt cyber-enabled campaign of former employee targeting customers.</li></ul>During his time at the DOJ, Brandon handled the entire range of national security matters. He led and supervised investigations and prosecutions involving espionage, economic espionage, mishandling of classified information, and theft of trade secrets. He also directed investigations involving treason, mutiny, the Neutrality Act, and the Logan Act, and worked closely with the Department of Education on matters pertaining foreign influence, foreign funding, and national security.Brandon has been widely recognized for his deep experience in handling national security matters, and keynotes and speaks at industry conferences involving export control and sanctions, CFIUS, FARA, and political law. He has received numerous awards for his work, including the Attorney General’s Award for Distinguished Service (2018), the FBI Director’s Award for Outstanding Cyber Investigation (2017), the Director of National Counterintelligence’s Award for Excellence (2019), the Homeland Security Investigations Executive Associate Director’s Award for Outstanding Counterproliferation Investigation (2014), and five awards from the Assistant Attorney General for National Security.Brandon regularly provides insight on national security issues and DOJ matters with national media. He is a frequent contributor on cable news, including MSNBC’s The Rachel Maddow Show, Deadline: Whitehouse and All In with Chris Hayes, ABC's Good Morning America, NBC's Meet the Press, CNN, BBC News, Sky News and NHK World. He also regularly appears on NPR’s Morning Edition. He has been quoted on a variety of national security topics in the Wall Street Journal, New York Times, and Washington Post, among others,Brandon is also a Contributing Editor to the Lawfare blog and co-host of <a href="https://www.lawfaremedia.org/podcasts-multimedia/podcast/the-regulators-series" target="_blank">The Regulators</a> podcast, where he speaks with key U.S. government regulators in the national security space, including leaders at OFAC, CFIUS, the Bureau of Industry and Security, DOJ, FinCEN, the Office of Information and Communications Technology and Services (ICTS), and FBI.

Brandon L. Van Grack

Partner

Data, Cyber + Privacy

Anatomy of a Ransomware Attack - 575228251

Anatomy of a Ransomware Attack

05 Oct 2021 12:00 PM - 1:00 PM PDT