ACER Suffers the Largest Ransomware Demand Ever

ACER Suffers the Largest Ransomware Demand Ever

Each month, RCM&D’s Cyber Practice highlights key issues in the world of cybersecurity. In this month’s edition of Cyber News Bytes, we discuss updates in practicing law virtually, ACER's most recent and major ransomware attack, and more. 

ABA Issues New Formal Opinion on Practicing Law

The American Bar Association (ABA) has issued a new formal opinion on virtually practicing law. As many continue to work remotely due to the COVID-19 pandemic, the opinion highlights several recommendations for practicing law outside the office in a remote setting. These recommendations, highlighted by Ride The Lightning, include:

  • Maintaining confidentiality and protecting client information.
  • Carefully selecting appropriate cloud-based storage systems and taking steps to preserve the confidentiality of client information while ensuring information is still accessible.
  • Supervision of subordinates and making sure they receive training on ethical obligations to maintain the confidentiality of client information.  It also recommends adopting a bring-your-own-device policy.  
  • Providing a physical address and contact information for a virtual practice. 
  • Ensuring virtual client meetings and information shared remains confidential, particularly when working virtually.  
  • Maintaining trust account obligations.

Business Email Compromise Risks and How to Protect Your Business

A recent article from AXA XL highlights some evolving trends in the development of business email compromise, the fastest-growing type of social engineering fraud. It hones in on three reasons the practice is evolving, which include:

  1. Stressed remote workers are easy targets – Many employees working from home are dealing with new levels of stress from many different angles.  In addition,  employers lose some control over security and employees may tend to utilize home networks and devices as workarounds.
  2. Fraudsters are growing bolder – Many cybercriminals are growing increasingly more aggressive and applying more pressure on businesses.  Some newer tactics from fraudsters involve not only sending a fraudulent email, but also following it up with a fraudulent phone call pretending to be a lawyer involved in the transaction.   Some have even posed as cybersecurity firms 
  3. No consequences = big rewards – Given that they face little risk of retribution for their social engineering fraud schemes, scammers are making off with larger sums. 

Pawan Chawla Interview Covers Several Key Topics

CISO Mag's recent interview with Pawan Chawla of Future Generali India Life Insurance addresses several important cybersecurity subjects, many of which we have discussed independently over the years.  Covering issues such as consistent change and increased complexities, talent gaps and resource shortages, and developing a cyber-resilient organization, Mr. Chawala shares valuable insights that other leaders can learn from.  The guidance from this interview is extremely valuable given the pressures expanded cyber risks present to any given organization.

ACER Hit with Largest Known Ransomware Demand Yet - $50M

Our "Cyber News Bytes" newsletter just wouldn't be complete without news of more ransomware activity. Tech giant ACER recently fell victim to a major ransomware attack, which includes the largest ransom demand to date with a ransom of $50 million. This large price tag exemplifies the rise in ransomware severity observed in the last 18-24 months. The attack is believed to be the result of recently identified Microsoft Exchange vulnerabilities. Given the attack's severity and the systemic nature of the Microsoft Exchange vulnerability, this will be an important story to follow in the weeks ahead. You can find resources spotlighting the Microsoft Exchange vulnerabilities in articles from Insurance Business Magazine and Security Week.

Questions? 

RCM&D is here for you to help protect your cybersecurity. Talk to a trusted advisor today with any questions on these highlighted issues and beyond. 

Category