Cybersecurity Resource Center

DOJ Cyber-Fraud Initiative Highlights Potential Civil Liability for Failing to Meet Federal Cybersecurity Requirements

MoFo partners Alex Iftimie and Tina Reynolds discuss a new Department of Justice cyber-fraud initiative to use the power of the False Claims Act to initiate suits against federal contractors and grant recipients that fall short of their regulatory and contractual cybersecurity obligations.

Learn More

Department of Defense Pivots on CMMC

MoFo partner Tina Reynolds discusses a widely anticipated move that the Department of Defense announced last week about revamping its Cybersecurity Maturity Model Certification (CMMC) program.

Learn More

“Emerging cyber threats require engagement from the entire American community to create a safer cyber environment—from government and law enforcement to the private sector and, most importantly, members of the public.”

– the Cybersecurity and Infrastructure Security Agency (“CISA”)

There’s no question that the pandemic has increased companies’ vulnerability to cyberattacks. More companies’ employees are working remotely, and thieves are leveraging that change—as well as public fear—to conduct hacking campaigns. Some of the more common attack methods include:

  • Ransomware: Ransomware has exploded. While 2020 has been dubbed the year of ransomware, 2021 looks to be even worse. Organizations of every type and every size are being impacted.
  • Business email compromises: Email compromises trick employees into making fraudulent business payments, often by compromising the account of and impersonating a colleague or vendor.
  • Malicious apps: People working from home tend to jump among personal and company-owned devices. Meanwhile, more and more fraudulent mobile applications are being added to app stores, where they can be downloaded and compromise users’ devices.
  • Videoconference bombing: Because employees have been working remotely and have not been able to meet in person, the use of videoconferences has risen significantly. So too has the disruption of videoconferences with pornographic, hateful, or threatening images and content.
  • Scams and fraud targeting individuals: The FBI warns of social media messages, emails, and phone calls that seek to scam people for money, or to phish account access, under the guise of purported COVID-19 testing, financial relief efforts, or medical equipment.

Morrison & Foerster is uniquely positioned to provide insight and counsel on the various facets of cyberattack preparedness and response. Our market-leading Global Privacy + Data Security team has decades of collective experience helping clients navigate these and other pressing issues. Visit our new Privacy + Data Security Litigation practice page to learn how our team can help your company with potential litigation arising from a breach.



Unsolicited e-mails and information sent to Morrison & Foerster will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with Morrison & Foerster. If you are not already a client of Morrison & Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.