Skip to content

October Is National Cybersecurity Awareness Month – Be Cyber Alert and Guard Against Ransomware

October 20, 2021

This month is the 18th Annual National Cybersecurity Awareness Month in the United States, sponsored by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cyber Security Alliance. This year’s theme is again “Do Your Part. #BeCyberSmart.” Being Cyber Smart includes awareness of current threats like business email compromise (BEC), phishing, ransomware, and supply chain compromise. This Alert addresses ransomware, which is one of today’s greatest threats.

Ransomware is a type of malware that encrypts data. Attackers then demand payment, usually in cryptocurrency, for a victim to get the decryption key and restore access to the data. Ransomware attackers also frequently exfiltrate (steal) a victim’s information and demand payment for not disclosing or selling the information.

Ransomware is a growing and evolving threat. For example, on Oct. 15, the U.S Treasury’s Financial Crimes Enforcement Network issued a report, Ransomware Trends in Bank Secrecy Act Data Between January 2021 and June 2021. It reported that “[t]he total value of suspicious activity reported in ransomware-related SARs [suspicious activity reports] during the first six months of 2021 was $590 million, which exceeds the value reported for the entirety of 2020 ($416 million).” It also found $5.2 billion in payments to virtual currency wallets potentially tied to ransomware payments.

Following a number of high profile cyberattacks, including the Colonial Pipeline ransomware attack earlier this year, the federal government established a multiagency website, StopRansomWare, that provides combined resources for preventing, responding to, and recovering from ransomware. Resources include a wealth of information from federal agencies, like CISA’s Protecting Sensitive and Personal Information From Ransomware-Caused Data Breach and Ransomware Guide, published by CISA and the Multi-State Information Sharing & Analysis Center. It also includes a link to the National Institute of Standards and Technology’s (NIST) Ransomware Protection and Response website, which includes a list of comprehensive technical publications related to ransomware.

Preventing, responding to, and recovering from ransomware are important parts of comprehensive cybersecurity programs for businesses and organizations of all sizes. Cybersecurity Awareness Month is a good time to review and update plans in light of increasing ransomware threats and the new information resources listed in this Alert.

If you have questions about the content of this alert, please contact David Ries (dries@clarkhill.com; 412.394.7787), Jeffrey Wells (jwells@clarkhill.com; 202.640.6682 or another member of Clark Hill’s Cybersecurity, Data Protection, and Privacy Group.

Subscribe for the latest

Subscribe

Related

Event

Webinar: Special Education Bootcamp - Compliance Foundations Under IDEA

Whether you are new to special education leadership or looking to reinforce your foundational knowledge, this interactive webinar will provide a comprehensive overview of the core compliance requirements under the Individuals with Disabilities Education Act (IDEA). Designed for school leaders who are responsible for ensuring legally sound practices, this session will offer practical tools and strategies to help participants navigate common procedural and substantive pitfalls, support sound decision-making, and build a compliant and student-centered special education program.

Explore more
Event

Telehealth Week Webinar 2025: Navigating Legal Changes and Future Trends for Healthcare Providers

Join Paul Schmeltzer, Carrie Foote, and John Howard for our one-hour annual Telehealth Week webinar, focused on the evolving legal landscape of telehealth. This session will cover key topics, including the upcoming DEA final rule on prescribing controlled substances via telehealth, federal reimbursement concerns for telehealth, and what healthcare providers need to prepare for other upcoming changes.

Explore more
Event

Webinar: The Transatlantic Tightrope: AI, ESG and the Evolving Duty of Care for Multinational Companies

Join Mariah Leffingwell and Sam Saarsteiner for a conversation, moderated by co-chair of Clark Hill’s ESG & Sustainability advisory practice, Maram Salaheldin,  that bridges the Atlantic—and the gap between innovation and accountability—as they explore how today’s duty of care must adapt to tomorrow’s technologies.

Explore more