Cybersecurity Resource Center

“Emerging cyber threats require engagement from the entire American community to create a safer cyber environment—from government and law enforcement to the private sector and, most importantly, members of the public.”

– the Cybersecurity and Infrastructure Security Agency (“CISA”)

There’s no question that the pandemic has increased companies’ vulnerability to cyberattacks. More companies’ employees are working remotely, and thieves are leveraging that change—as well as public fear—to conduct hacking campaigns. Some of the more common attack methods include:

• Business email compromises: Email compromises trick employees into making fraudulent business payments, often by compromising the account of and impersonating a colleague or vendor.
• Malicious apps: People working from home tend to jump among personal and company-owned devices. Meanwhile, more and more fraudulent mobile applications are being added to app stores, where they can be downloaded and compromise users’ devices.
• Videoconference bombing: Because employees have been working remotely and have not been able to meet in person, the use of videoconferences has risen significantly. So too has the disruption of videoconferences with pornographic, hateful, or threatening images and content.
• Scams and fraud targeting individuals: The FBI warns of social media messages, emails, and phone calls that seek to scam people for money, or to phish account access, under the guise of purported COVID-19 testing, financial relief efforts, or medical equipment.

Morrison & Foerster is uniquely positioned to provide insight and counsel on the various facets of cyberattack preparedness and response. Our market-leading Global Privacy + Data Security team has decades of collective experience helping clients navigate these and other pressing issues. Visit our new Privacy + Data Security Litigation practice page to learn how our team can help your company with potential litigation arising from a breach.

Article

Law 360: 5 Tips For In-House Counsel Anticipating Cyber Class Actions

Data breaches have increased over 270% as compared to last year. Read “5 Tips For In-House Counsel Anticipating Cyber Class Actions” Nancy Thomas and Dave McDowell in Law360.

Article

The Benefits and Risks of Notifying Law Enforcement

Alex Iftimie discusses the considerations an organization should make regarding whether or not to notify law enforcement following a data breach.

Resource

Are you prepared for a significant breach?

Learn what you need to know to prepare to for a significant breach before it occurs, and the key steps to take in the first 48 hours after a breach.

Resource

Beyond the Breach: Through the Lens of a Litigator

Our “Beyond the Breach” series offers useful insights into what you can do after a data breach to support your organization for the inevitable legal battles ahead.

Client Alert

Preserve Privilege and Protect Work Product

A recent court decision departed from courts that have consistently held incident-response reports must be protected from disclosure by either the attorney-client privilege or the attorney work product doctrine.

Article

What Should Boards Think About After a Breach?

It’s about employing systems and processes, not placing blame.

Podcast

Cyberattacks in the Time of Remote Work

Miriam Wugmeister speaks on the Smart Women, Smart Power podcast about some of the digital challenges that the COVID-19 pandemic has brought to light.

Client Alert

U.S. Government Responds to SolarWinds Hack, Seeks to Establish New Norms for Cyber Espionage

MoFo partners discuss the US government’s recent changes to its protocols regarding cyber threats in response to the SolarWinds attack.

Client Alert

A MoFo Minute of Privacy

MoFo answers your privacy questions in one minute or less – a new feature.