Federal Bureau of Investigation

On May 16, 2022, the U.S. Department of State, U.S. Department of Treasury, and the Federal Bureau of Investigation issued combined guidance on efforts by North Korean nationals to secure freelance engagements as remote information technology workers by posing as non-North Korea nationals.
Continue Reading U.S. Issues Guidance to Companies Warning of Cybersecurity and Sanctions Risks Posed by IT Workers Directed by North Korea

On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control issued an Updated Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments on the sanctions risks associated with facilitating ransomware payments. OFAC, with assistance from the FBI, also designated SUEX OTC, S.R.O., as a malicious cyber actor, the first such sanctions designation against a virtual currency exchange.
Continue Reading OFAC Again Says Beware of Sanctions When Making Ransomware Payments and Designates Virtual Currency Exchange as Malicious Cyber Actor

On June 3, 2021, the U.S. Supreme Court in Van Buren v. United States reversed the U.S. Court of Appeals for the Eleventh Circuit’s decision to uphold the conviction of Nathan Van Buren, who was alleged to have violated the Computer Fraud and Abuse Act of 1986.
Continue Reading United States Supreme Court Adopts Narrow Interpretation of Scope of Liability Under the Computer Fraud and Abuse Act

On May 6, 2019, the U.S. Department of Health and Human Services’ Office for Civil Rights announced that it had entered into a resolution agreement and $3 million settlement with Touchstone Medical Imaging. The settlement is the first OCR HIPAA enforcement action in 2019, following an all-time record year of HIPAA enforcement in 2018.
Continue Reading OCR Settles with Medical Imaging Services Company

Recent press reports indicate that a cyber attack disabled the third-party platform used by oil and gas pipeline company Energy Transfer Partners to exchange documents with other customers. This incident and others raise questions about cybersecurity across the U.S. pipeline network.
Continue Reading Attacks Targeting Oil and Gas Sector Renew Questions About Cybersecurity

On July 26, 2016, the White House unveiled Presidential Policy Directive PPD-41, which sets forth principles for federal responses to cyber incidents approved by the National Security Council. PPD-41 first focuses on incident response to cyber attacks on government assets, but also outlines federal incident responses to cyber attacks on certain critical infrastructure within the private sector.
Continue Reading White House Releases New Policy on Federal Cyber Incident Response