Saturday, September 25, 2021

Subscribers Only

Free

OFAC Announces New Measures to Address Ransomware Attacks

The U.S. Department of Treasury, Office of Foreign Assets Control (“OFAC”) implemented additional measures today to combat the growing ransomware problem.  OFAC’s measures consist of: (1) the designation of the entire SUEX OTC, S.R.O. (“SUEX”) crypto-currency exchange (SUEX) to the SDN List; (2) designating a fairly large number (~25) additional digital currency addresses to the […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

OFAC Again Says Beware of Sanctions When Making Ransomware Payments and Designates Virtual Currency...

On September 21, Treasury’s Office of Foreign Assets Control issued an Updated Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments on the sanctions risks associated with facilitating ransomware payments. It explains that OFAC has designated malicious cyber actors under its cyber-related sanctions programs. Cyberattack victims, financial institutions, insurance firms and other companies assisting with […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

U.S. Treasury Sanctions Russian Cryptocurrency Platform for Ransomware Laundering

The Treasury Department has announced sanctions against Russia-based cryptocurrency exchange Suex or facilitating transactions involving money gained via ransomware and other hacking. The sanctions block all of Suex’s property and business interests in the U.S. Additional sanctions are threatened for any individuals who engage with the platform. Treasury said that over 40% of Suex’s transactions […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

FTC Adopts Policy Statement on Privacy Breaches by Health Apps and Connected Devices

On September 15, the FTC adopted – on a 3-2 party-line vote – a policy statement that takes a broad view of which health apps and connected devices are subject to the FTC’s Health Breach Notification Rule and what triggers the Rule’s notification requirement. The Rule was promulgated in 2009 under the Health Information Technology […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

BIS Requests Comments on ICT Supply Chain Risks

On September 20, 2021, the Commerce Department’s Bureau of Industry and Security (BIS) published a Notice of Request for Public Comments on Risks in the Information Communications Technology (ICT) Supply Chain. The RFC calls for comments on cybersecurity and supply chain challenges for the ICT sector and will inform a federal report on ICT supply […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

NDAA Amendment Would Require CMMC Cost Estimate

A new amendment to the fiscal 2022 National Defense Authorization Act would require the Department of Defense to give Congress an estimate of how...

FTC Warns Digital Health Industry to Comply with its Breach Notification Rule

The FTC has again signaled its focus on the growing use of apps, wearables, and other devices to track health and wellness data, in a statement on the scope of the Health Breach Notification Rule. The rule is intended to address those entities that collect health information, but are not covered by HIPAA. Under the […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

U.S. in New Security Partnership with Australia, U.K.

The Biden administration has announced the formation of a new security partnership with Australia and the United Kingdom, which will focus on advancing cyber and other emerging technology with military capabilities. Administration officials say that AUKUS is not targeting China, but that country looms large in issues the partnership says it will address. A key […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Security Breach Notification Chart – Revised September 2021

Perkins Coie’s Privacy & Security practice maintains a comprehensive chart that summarizes state laws regarding security breach notification. The chart is for informational purposes only and is intended as an aid in understanding each state’s sometimes-unique security breach notification requirements. The chart has been revised to reflect new developments in state cybersecurity laws and regulations […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Life with GDPR – To Pay or Not to Pay

In this 19-minute episode of “Life with GDPR”, Jonathan Armstrong and Tom Fox discuss the difficult decision of whether to pay or not to pay a ransomware demand. Some of the questions considered include: How does a ransomware attack occur? What are the potential legal and commercial risks of paying ransoms? What about specific new […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.