Global Cyberattack Exploits Known Vulnerabilities
Monday, May 15, 2017
Cyber, Global Cyberattack Exploits Known Vulnerabilities
Print Mail Download i

As you likely know by now, international cybercriminals launched a worldwide ransomware attack last Friday with the European law enforcement agency Europol reporting over 100,000 affected organizations in 150 countries, including the U.S. Reports indicate that health care providers, universities, and other large companies were all targeted. The Department of Health and Human Services also confirmed evidence of the attack occurring within the U.S. The attack exploited a known vulnerability in the Microsoft operating system, for which a patch is available. The Department of Homeland Security is encouraging all Americans to update their security systems and back up data to prevent possible loss, and is also reminding users not to click on unfamiliar links or open unfamiliar documents in emails. 

We echo DHS, and urge all organizations to take steps to help protect against an attack from occurring, while strengthening response preparedness should an attack occur. For regulated entities, this means at a minimum heeding compliance with applicable cybersecurity regulations, including training and creating awareness among all workforce members who can access the organization’s IT systems.

Falling on the heels of President Trump’s Executive Order on cybersecurity, this global attack is sure to increase pressure on implementation of the directives outlined in this order and elevate our nation’s public and private cybersecurity readiness to the fore of political discussion. And with the impending selection of a new FBI director, look for cybersecurity to be a topic of questioning for whoever faces the gauntlet of Senate confirmation for this position. The apparent paralyzing effect of this attack across sectors of critical infrastructure such as telecom, rail, finance and health and human services highlights the need for law enforcement at all levels to be well versed in cyber competency. But it also serves as a reminder that human error, from lax cybersecurity practices to errant email handling, remains one of the top vulnerabilities facing organizations and enterprises today.

Jackson Lewis P.C. © 2024

Current Legal Analysis

More from Jackson Lewis P.C.

SDNY Denies Leave to Amend ERISA Complaint with “Substantively the Same Defects” as Dismissed Complaint
by: Alex E. Hotard , Phillip C. Thompson
Should We Submit Missing Participant Data to the DOL with the Plan’s Form 5500?
by: Suzanne G. Odom
USCIS Updates Form N-400 Application for Naturalization
by: Michael H. Neifach , Porter S. Young
Federal Trade Commission’s Sweeping Final Rule to Ban Non-Competes: What You Need to Know
by: Clifford R. Atlas , Erik J. Winton
USCIS Removes Validity Period on Immigration Medical Exam Form I-693
by: Manda Brefo
DOL Releases Final White-Collar Exemption Rule, Sets Minimum Salary to Increase in Phases Beginning July 1, 2024
by: Jeff Barnes , Jeffrey W. Brecher
New HIPAA Final Rule Imposes Added Protections for Reproductive Health Care Privacy
by: Joseph J. Lazzarotti
Special Report: PWFA Final Regulations
by: Joseph J. Lynett , Katharine C. Weber
EEOC Issues Final Regulations to Implement the Pregnant Workers Fairness Act
by: Jenifer M. Bologna , Katharine C. Weber
Department of Education Releases Final Rule Amending Title IX Regulations
by: Susan D. Friedfel , Monica H. Khetarpal

Upcoming Legal Education Events

 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins