With an increase in the frequency, sophistication, and cost of ransomware attacks, the Financial Crimes Enforcement Network (FinCEN) issued an advisory on October 1, 2020 alerting financial institutions to ransomware trends and typologies, and related financial red flags, that may result in a regulatory obligation to report and share information related to ransomware attacks. Based […]
Enforcement
OFAC Ransomware Advisory Warns Companies of Potential Civil Liability
Yesterday, October 1, 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued its “Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments.” The advisory begins with the observation that “ransomware attacks have become more focused, sophisticated, costly, and numerous,” citing certain FBI statistics, before making clear what was already well […]
DOJ Charges Seven Individuals in Connection with Global Hacking Campaigns Against More Than 100 Companies
On September 16, 2020, the U.S. Department of Justice (DOJ) announced that seven individuals believed to be part of a hacking group known as APT41 or “Wicked Panda,” including five Chinese nationals and two Malaysian nationals, have been charged in connection with a global hacking campaign that affected more than 100 companies around the world. […]
German DPA Publishes Schrems II Transfer Compliance Checklist and Suggested Modifications to SCCs
On August 24, 2020, the data protection authority of the German state of Baden-Württemberg (the “DPA”) published guidance (the “Guidance”) on international transfers of personal data following the Schrems II judgment (which we have previously covered here). This represents the first comprehensive guidance by a European privacy supervisor indicating how it intends to enforce the […]
EU Announces First Sanctions under EU Cyber Sanctions Regime
On July 30, 2020, the European Council announced sanctions against six individuals and three organizations for their involvement in a series of cyber-attacks that have caused significant damage in the EU and around the world over the last several years. The announcement follows the EU’s adoption last year of Decision (CFSP) 2019/797, which established the […]