According to recent media reports there have been several instances of blockchain bridges being hacked this year, including reports on August 2 that a bridge lost close to $200 million to upwards of 40 hackers who exploited a bug in its protocol, and reports in June that another bridge lost $100 million from hackers allegedly […]
Cybersecurity
Germany’s Cyber Threat Landscape – Top 3 Lessons from the BKA Situation Report
Germany boasts one of the world’s largest, most sophisticated, and international economies. Companies doing business in Germany are thus an increasingly relevant target for cyberattacks. Germany‘s Federal Criminal Police Office (Bundeskriminalamt or BKA) is the federal law enforcement agency charged with investigating cybercrime, and for coordinating federal-state cooperation in cybercrime matters. The BKA recently published […]
SEC Settles Enforcement Actions with Broker-Dealers and Investment Advisors for Identity Protection Deficiencies
On July 27, 2022, the Securities and Exchange Commission (SEC) separately settled three enforcement actions with broker-dealers and investment advisers for alleged deficiencies relating to the prevention of customer identity theft, in violation of the SEC’s Identity Theft Red Flags Rule, or Regulation S-ID. Regulation S-ID requires registered financial institutions, broker dealers, and investment advisers […]
UK Information Commissioner’s Office Issues Warning on Ransomware Payments
On July 8, 2022, the UK Information Commissioner’s Office (UK ICO) together with the UK National Cyber Security Centre (NCSC), published a joint letter asking the Law Society of England & Wales to remind its members that they should not advise clients to pay ransomware demands should they fall victim to a cyber-attack. The Law […]
New Cybersecurity Rules In India Impose Strict Reporting Requirements and Steep Penalties
The Indian Computer Emergency Response Team (“CERT-In”) issued Directions on April 28, 2022 “to strengthen the cybersecurity in the country” and that has significant implications for the cybersecurity landscape. Effective June 27, 2022, the Directions, among other requirements, impose a strict 6-hour timeline for notice of a cybersecurity incident and expands the types of cybersecurity […]