Ransomware attacks are increasing in their severity and sophistication, with healthcare companies being significant targets. Ransomware actors often target businesses believed to have fewer resources to invest in cyber protection, as well as those holding sensitive data, in the hopes that they will be more likely to make a quick ransom payment.
In a recent LawFlash, members of our privacy and cybersecurity and international trade and national security teams examine an advisory issued by the US Department of the Treasury’s Office of Foreign Assets Control (OFAC), in which OFAC strongly discourages victims of ransomware attacks from making payments, instead suggesting proactive steps that companies should take to mitigate ransomware risks.