Mondaq Latest Legal Update

Mondaq Latest Legal Update

Mondaq Latest Legal Update

Recently, a new cyberattack trend has emerged, known as "double extortion." This tactic involves cybercriminals gaining access to sensitive files and data through ransomware, and then demanding a ransom payment to prevent them from publishing or selling the stolen information. This trend has been on the rise in recent months, with high-profile companies, government agencies, and healthcare institutions falling victim to these attacks.

One recent example of this new trend involves the world's largest meat processing company, JBS Foods. In late May 2021, JBS was hit with a ransomware attack that resulted in their operations being shut down in the United States, Canada, and Australia. The attackers, known as "REvil," demanded a ransom payment of $11 million in exchange for the stolen data. JBS ultimately paid the ransom to prevent the data from being published.

This incident has raised concerns about the security of critical infrastructure and the impact that these attacks can have on the global supply chain. The White House issued a statement calling for aggressive steps to be taken in response to the ransomware attack on JBS. The Department of Homeland Security also issued a warning to companies in the food and agriculture sector to be on high alert for similar attacks.

JBS is not the only high-profile victim of double extortion attacks. Earlier this year, Colonial Pipeline fell victim to a similar ransomware attack, resulting in a shutdown of their operations. The company ultimately paid a ransom of $4.4 million to regain control of their systems.

The rise of double extortion attacks has prompted action from governments and law enforcement agencies. In the United States, the Department of Justice (DOJ) has directed all 93 U.S. Attorney's Offices to devise and implement anti-ransomware initiatives. Additionally, the DOJ has established a new task force dedicated to investigating and prosecuting ransomware cases.

In the United Kingdom, the National Crime Agency (NCA) has launched a campaign to raise awareness and provide guidance on how companies can protect themselves against ransomware attacks. The NCA has also warned that paying ransom demands may not guarantee the safe return of data, as the attackers may still choose to publish or sell the stolen information.

One proposed solution to combat double extortion attacks is to prohibit ransom payments altogether. However, this approach has been met with criticism, as some believe it would only incentivize cybercriminals to continue their attacks, knowing that victims have no choice but to pay the ransom.

Ultimately, the best defense against double extortion attacks is a strong cybersecurity strategy. Companies should regularly back up their data, update their security systems, and have an incident response plan in place in case of a cyberattack. Additionally, companies should invest in employee training to raise awareness about potential cyber threats and how to prevent them.

In conclusion, the rise of double extortion attacks is a concerning trend that requires action from all parties involved. Governments, law enforcement agencies, and companies must work together to strengthen cybersecurity measures and prevent cybercriminals from profiting off of these attacks.

Disclaimer:
The Bar Council of India does not permit the solicitation of work and advertising by legal practitioners and advocates. By accessing The Law Codes website, the user acknowledges that:The user wishes to gain more information about us for his or her information and use.He/She also acknowledges that there has been no attempt by us to advertise or solicit work. Any information obtained or downloaded by the user from our website does not lead to the creation of the client-attorney relationship between our office and the user. None of the information contained on our website amounts to any form of legal opinion or legal advice. All information contained on our website is the intellectual property of the office.