Client Alert

Cry, Cry Again: More Global Ransomware Attacks Reported

27 Jun 2017

It is being widely reported that a new wave of cyberattacks is currently hitting companies and governments.  The attack has spread around the globe in a matter of hours, affecting the Ukrainian government, Russian enterprises, and other companies throughout Western Europe.  Just like the WannaCry ransomware that struck worldwide in May, the new attacks apparently involve malware that encrypts or otherwise restricts access to computers and systems—and apparently the malware exploits some of the same vulnerabilities as WannaCry.  Like a typical ransomware attack, the attackers demand that the victims pay to receive the decryption key or to otherwise recover access to the compromised machine.

As we noted in May after the WannaCry attacks, it was highly likely that ransomware would continue to be weaponized and used against numerous companies at once.  Less than two months later, here we go again.  These attacks are a wake-up call; it should be abundantly clear by now that global attacks are becoming a new normal.  We do not, however, counsel despair.  To the contrary, our team is working with companies around the world to help them be more resilient in light of these evolving threats.  In the face of these increasing risks of attacks, there are a number of key steps that a company can take to protect itself from the inevitable next wave of attacks, including:

  1. Make sure software patches are routinely applied.
  2. If possible, only use supported operating systems and other software.
  3. Utilize antimalware and antivirus software tools and services.
  4. Back up your critical data.
  5. Train your employees on how to spot phishing emails.
  6. Create a cross-functional incident response plan.
  7. Practice responding to a ransomware attack in a table top exercise to be able to hit the ground running when this type of event occurs.
  8. Establish or enhance relationships with law enforcement and other critical partners.

In addition, we are continuing to compile resources to help you prepare for and respond to a ransomware incident:



Unsolicited e-mails and information sent to Morrison & Foerster will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with Morrison & Foerster. If you are not already a client of Morrison & Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.