Menu
Stay Connected

Cybersecurity Resource Center

Related
MoFo's Privacy Library
California Consumer Privacy Act
Privacy + Data Security Report
“Emerging cyber threats require engagement from the entire American community to create a safer cyber environment—from government and law enforcement to the private sector and, most importantly, members of the public.”

– the Cybersecurity and Infrastructure Security Agency (“CISA”)

There’s no question that the pandemic has increased companies’ vulnerability to cyberattacks. More companies’ employees are working remotely, and thieves are leveraging that change—as well as public fear—to conduct hacking campaigns. From hospitals to media companies to manufacturing plants, ransomware and other cyberattacks are increasingly prevalent and have far-reaching impacts. As companies store more of their valuable data in electronic form, they are increasingly vulnerable to attacks that render their data inaccessible. We have served as lead counsel on some of the highest-profile ransomware attacks and breaches of recent years, coordinating all response components, including responding to regulatory inquiries and investigations, defending clients in multi-jurisdiction litigation, engaging on public and customer relations issues, advising on contractual obligations and remedies, and working with forensic investigators, credit monitoring firms, and crises communications professionals—any third party providers needed—to provide an integrated, cost-effective, and seamless response to your data security incident.

Some of the more common attack methods include:

  • Ransomware: Ransomware has exploded. While 2020 has been dubbed the year of ransomware, cyber attacks show no signs of slowing down. Organizations of every type and every size are being impacted.
  • Business email compromises: Email compromises trick employees into making fraudulent business payments, often by compromising the account of and impersonating a colleague or vendor.
  • Malicious apps: People working from home tend to jump among personal and company-owned devices. Meanwhile, more and more fraudulent mobile applications are being added to app stores, where they can be downloaded and compromise users’ devices.
  • Videoconference bombing: Because employees have been working remotely and have not been able to meet in person, the use of videoconferences has risen significantly. So too has the disruption of videoconferences with pornographic, hateful, or threatening images and content.
  • Scams and fraud targeting individuals: The FBI warns of social media messages, emails, and phone calls that seek to scam people for money, or to phish account access, under the guise of purported COVID-19 testing, financial relief efforts, or medical equipment.

In addition to data loss, these incidents raise significant business and legal risks, including damage to brand and reputation, disruption of business operations, and contractual and regulatory obligations. We have helped Fortune 500 companies and other leading companies respond to dozens of significant ransomware incidents and have experience with wide-ranging ransomware variants including Ryuk, Maze, Sodinokibi/REvil, WastedLocker, MegaCortex, Nephilim, SunCrypt, and Harma.

Morrison & Foerster is uniquely positioned to provide insight into and counsel on the various facets of cyberattack preparedness and response. Our market-leading Global Privacy + Data Security team has decades of collective experience helping clients navigate these and other pressing issues. Visit our new Privacy + Data Security Litigation practice page to learn how our team can help your company with potential litigation arising from a breach.

lock and shield
Client Alert
U.S. Congress Passes Cyber Incident and Ransom Payment Reporting Requirement
Critical infrastructure entities in the U.S. will face new cyber incident reporting requirements as a result of the Cyber Incident Reporting for Critical Infrastructure Act of 2022.
numbers
Client Alert
Private Sector Directed to Be on Alert for Potential Russian Cyber Attacks
As the United States and other countries impose sanctions and other penalties on Russia, the possibility of Russian cyberattacks directed at the West looms large.
internet icons
Client Alert
SEC Proposes Cybersecurity Disclosure Rules for Public Companies
The SEC proposed amendments to its rules to require disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies.
lock in network
Webinar
Anatomy of a Ransomware Attack
National and global ransomware cases continue to come to light, allowing us to develop a comprehensive picture of the national and economic security threats we face from ransomware groups.
lock and shield
Client Alert
U.S. Congress Introduces Bill that Would Require Mandatory 24 Hour Cyber Breach Notification for Government Agencies, Contractors, and Operators of Critical Infrastructure
The U.S. Congress introduces a new bill in response to incidents like the SolarWinds and Colonial Pipeline hacks, which have put a fresh spotlight on the national security implications of cyber incidents and the need for greater information sharing.
colorful code
Video
Board Table Top Exercise: A Realistic Ransom-Scenario-Driven Discussion
View the exercise from MoFo’s Privacy and Data Security team, Miriam Wugmeister, Alex Iftimie, Mark David McPherson, Melissa Crespo, Peter Carey, and Mary Race. The panel’s presentation provides a cybersecurity exposure preparedness overview for board members.
Checklist
Article
Executive Order on Cybersecurity Expands Mandatory Breach Notification and Supply Chain Security Requirements for Government Contractors
MoFo counsel discusses latest EO in response to increased concerns about cyber threats following the SolarWinds, Microsoft Exchange, and Colonial Pipeline incidents.
blue digital folder
Client Alert
U.S. Government Takes Increasingly Aggressive Actions Targeting Ransomware
The U.S. Government made several significant announcements regarding recent U.S. government actions targeting the ransomware ecosystem.
lock and shield
Client Alert
U.S. Government Responds to SolarWinds Hack, Seeks to Establish New Norms for Cyber Espionage
MoFo partners discuss the US government’s recent changes to its protocols regarding cyber threats in response to the SolarWinds attack.
Close
Feedback

Disclaimer

Unsolicited e-mails and information sent to Morrison & Foerster will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with Morrison & Foerster. If you are not already a client of Morrison & Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.