green-circle-full

New Month Brings New Cyber Threats, Responses and Litigation

Each month, RCM&D’s Cyber Practice highlights key issues in the world of cybersecurity. In this month’s edition of Cyber News Bytes, we discuss new ransomware guidance, rampant unemployment fraud and more. 

The Top 10 Actions to Win Against Ransomware

Protecting against a ransomware attack should be near or at the top of any organization’s priority list. A piece from Security Boulevard outlined and went in-depth on controls that can be taken to prevent these attacks. The article also describes several critical strategies to minimize the damage once an attack occurs. 

An additional resource comes from Check Point, emphasizing the importance of implementing similar controls, reviewing recent increases and the reasons for ransomware attacks impacting the healthcare industry.  The piece also provides some helpful tips to prevent ransomware and phishing attacks, which can be valuable to the healthcare sector and other industries as well.  

Fraudulent Unemployment Claims

Fraudulent unemployment claims are on the rise, creating a significant nationwide problem. Since the enactment of the CARES Act last March, state systems have been plagued with unemployment fraud claims involving cyber scams and identity theft. These schemes have resulted in the theft of millions of tax-payer dollars. 

An article from The Society for Human Resource Management (SHRM) lists the various techniques cybercriminals are currently using to obtain the personally identifiable information used in these fraudulent schemes. It also stresses the need for employers to be hyper-vigilant, providing steps to take if they or their employees encounter this issue. If an organization has multiple employees that have experienced a fraudulent unemployment claim, they should evaluate the possibility of a data incident and whether it should be reported to their cyber insurance carrier. Additionally, the article also describes steps to help safeguard against these fraudulent unemployment schemes.

SolarWinds: What Hit Us Could Hit Others

SolarWinds is speaking out after their well-publicized data breach in late 2020, one of the largest breaches we have seen to date. The company advised that what happened to them could easily happen to others. “An industry-wide approach, as well as public-private partnerships,” are needed to combat these events in the future, noted SolarWinds CEO Sudhakar Ramakrishna.

A recent Krebs On Security article has more information on SolarWinds’ statement. 

New York Legislators Introduce Proposed Biometric Privacy Act with Private Right of Action

Privacy liability continues to be a major concern for organizations around the globe. The complexity and lack of consistency create a challenging landscape to navigate. An article from D&O Diary reiterates this sentiment, highlighting the recently proposed Biometric Privacy Act in New York. While the proposed law still awaits approval and some suspect challenges due to previous proposals, the potential for significant litigation makes this a critical act to monitor.   

As author Kevin LaCroix notes in the closing points of this article, privacy issues will continue to challenge organizations in 2021, and we can expect additional privacy proposals around the world. 

A recent article from Cooley features a more sweeping privacy round up.

Questions? 

RCM&D is here for you to help protect your cybersecurity. Talk to a trusted advisor today with any questions on these highlighted issues and beyond.