Tag Archives: Ransomware

Surviving the Pandemic: Yes, You May Have to Pay a Ransom

By Eric A. Packel on March 5, 2020 Posted in Ransomware

We are in the midst of a global pandemic. This scourge is easily transmitted, and infections are difficult to eradicate. It learns from our defenses and then mutates into new variants. It comes in various forms, with exotic names such as Sodinokibi, GandCrab and Ryuk. Sometimes its effects are mild, but in many cases it … Continue Reading

Best Cybersecurity Practices for Healthcare Organizations – Ransomware Prevention

By Aleksandra Vold and Kathryn Carey on February 8, 2019 Posted in HHS, HIPAA/HITECH, Phishing, Ransomware

This article is part of a series of blog posts exploring the recommendations and guidance Health & Human Services (HHS) provides to healthcare organizations in its “Cybersecurity Best Practices” report. For previous articles in the series, click here. The report on cybersecurity best practices (Report) is not the first time HHS has discussed the prevalent … Continue Reading

Recent OCR Newsletter Highlights Growing Cyber Extortion Threat for Healthcare Organizations

By Lynn Sessions and Kathryn Carey on February 19, 2018 Posted in Cybersecurity

The OCR’s January 2018 newsletter details specific types of cyber extortion that healthcare organizations are currently encountering, including ransomware, denial of service attacks, distributed denial of service attacks and theft of protected health information (PHI). Each type of attack poses unique challenges that may affect an organization in different ways. However, all cyber extortion disrupts … Continue Reading

Ways to Prevent & Prepare for Ransomware Attacks

By BakerHostetler on June 30, 2017 Posted in Ransomware

Ransomware was involved in 10 percent of the 450 breaches handled by our Privacy and Data Protection team in 2016. This week’s news about a global ransomware attack is another example that this trend is on the rise. Companies, governments and organizations around the world are grappling with what steps they should take to minimize … Continue Reading

Deeper Dive: Ransomware – WannaCry and the Future of Ransomware-as-a-Service

By Melinda L. McLellan and James A. Sherer on May 22, 2017 Posted in Cybersecurity, Data Breaches, Incident Response, Ransomware

In our 2017 BakerHostetler Data Security Incident Response Report, we addressed the increasingly ubiquitous scourge of ransomware, one of the fastest-growing types of malware causing data security incidents. We noted that ransomware attacks have been steadily expanding in both frequency and severity, and that those trends seemed set to continue for the foreseeable future. Less than a … Continue Reading

Deeper Dive: Forensics

By Patrick H. Haggerty on May 16, 2017 Posted in Cybersecurity

A company’s ability to quickly and efficiently conduct a forensic investigation is critical to limiting the impacts of a data security incident and determining the scope of the incident. In BakerHostetler’s 2017 Data Security Incident Response Report, we analyzed data from the more than 450 incidents we worked on in 2016. A forensic investigation occurred … Continue Reading

No More Tears: A Few Recommended Steps in Response to WannaCry Ransomware

By Erich Falke on May 13, 2017 Posted in Ransomware

On May 12, 2017, thousands of companies across the globe saw the first signs of a prolific malware outbreak. The malware, a ransomware variant labeled WannaCry, is capable of encrypting files on a device and moving laterally to encrypt files on associated file shares. On average, the ransom amount that is demanded is the equivalent … Continue Reading

Deeper Dive: Incorporating Incident Response Into Disaster Recovery Plans

By M. Scott Koller on May 8, 2017 Posted in Cybersecurity, Ransomware

Incident response and disaster recovery are both essential components of a comprehensive written information security program. However, too often these plans are implemented in a vacuum, without considering the potential synergies and improvements that can be gained when such plans are developed, deployed and tested together. Incident response and disaster recovery tend to have the … Continue Reading

Crowdsourcing Cybersecurity in 2017

By Craig A. Hoffman and Erich Falke on April 11, 2017 Posted in Cybersecurity, Ransomware

BakerHostetler began publishing its Data Security Incident Response Report in 2015. Although we were the first law firm to do so, inspiration for the report came from similar reports that cybersecurity firms issue. We will be publishing our 2017 Report on April 13, 2017, containing statistics and insights from the 450+ incidents we led clients … Continue Reading

Data Breach Trends — 2016: the Year of Ransomware

By M. Scott Koller on January 3, 2017 Posted in Ransomware

Over the past year, the BakerHostetler Incident Response team has closely monitored data breach trends, and we are confident in concluding that 2016 was the year of ransomware. Nothing has had a greater impact or has been as widespread in 2016 than ransomware. From a hospital in California to a police department in Massachusetts, ransomware … Continue Reading

A Closer Look at the OCR’s Guidance on Ransomware

By M. Scott Koller on August 22, 2016 Posted in HIPAA/HITECH, Medical Privacy

In the wake of several high-profile ransomware infections targeting hospitals and health care organizations, the Department of Health and Human Services Office for Civil Rights (OCR) has issued guidance on the growing threat of ransomware. Ransomware is a type of malware that denies access to systems and data. It uses strong cryptography to encrypt files … Continue Reading

TeslaCrypt Ransomware Developers Retire, Release Master Decryption Key

By M. Scott Koller on May 20, 2016 Posted in Cybersecurity

Ransomware is a particularly nefarious type of malware that hijacks computers and forces victims to pay a ransom in order to access their files. One of the reasons it is so successful is because ransomware developers use strong encryption that is virtually unbreakable without a decryption key. As a result, individuals and businesses without a … Continue Reading