Consider This
Improve Your Cybersecurity. And That's an Order! On April 5, 2024, New Mexico Governor Michelle Grisham issued an Executive Order mandating comprehensive actions to enhance cybersecurity measures across the state's agencies.
Prescription: No Salt in Wounds. On April 5, 2024, Tennessee Senator Shane Reeves introduceda bill that would make it harder for victims of a data breach to sue. Under the bill, a private entity cannot be civilly liable in a class action resulting from a cybersecurity event unless the event was caused by willful, wanton, or gross negligence on the part of the private entity.
Let's Can Spam. OnApril 15, 2024, Microsoft announced that it will impose limits on the Exchange bulk emails to 2,000 each day. The limitation will begin in January 2025.
No Plan for a Ban. On April 16, 2024, Kemba Walden, the former acting national cyber director, saidthat a ransom payment ban is not presently feasible, as a ban could bankrupt small - and medium-sized businesses that the American economy relies upon.
AI Put to the Task. On April 17, 2024, Cybercom announced a task force in concert with the Department of Defense to identity and apply AI in cybersecurity to close vulnerabilities across DOD networks.
NATO and Co. On April 18, 2024, NATO announced a new facility, the Cyber Center, where civilians and military and industry experts can work together to address potential cyber threats.
CISA Pilot Program Taking Flight. On April 25, 2024, CISA announced that over 7,000 organizations have signed up for its pilot program, which warns organizations about potential ransomware attacks.
As The World Turns
Ransomware Attackers Taking a Bite Out of Food and Agriculture. Food and Agriculture-Information Sharing and Analysis Center's April 16, 2024 annual report revealed that the US food and agriculture sector experienced at least 167 ransomware attacks last year alone.
Money, Money, Money. An April 18, 2024 joint advisory notes that the Akira ransomware group has extorted $42 million from 250 victims since March 2023. Akira typically obtains access through VPNs not protected with MFA, exploiting known Cisco vulnerabilities.
AI, PI, and IP Walk Into a Bar. An April 19, 2024 NSA report notes that threat actors can use AI to target a company's PI and IP.
For Whom the Bell Tolls. On April 19, 2024, the FBI warned of social engineering attacks using fake text messages to fool people into downloading malware, sharing sensitive information, or even sending money to threat actors.
As if Online Dating Wasn't Hard Enough Already. On April 26, 2024, the FBI issued a PSA warning of "free" online verification service schemes fraudsters use to target users of dating websites and applications (apps) to defraud victims into signing up for recurring payments."
Visit our Data Privacy & Cybersecurity Practice page to find an experienced attorney in your area. Read more about data privacy and cybersecurity on our blog, Digital Insights.
Click on our map of the United States, then choose "Data Breach Notification Statutes" or "Information Security Standards," and then click on the specific state for which you would like information.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.