National Cybersecurity Legal Institute focuses on ransomware

On March 5, the University of South Carolina School of Law will host the 2nd annual National Cybersecurity Legal Institute in Columbia, SC. In partnership with the FBI, the School of Law will raise awareness about the ransomware threat landscape and discuss best practices for preventing and responding to this threat.

“Ransomware attacks are becoming more sophisticated and clearly pose as an escalating threat for the foreseeable future,” says Karen Painter Randall, director of the School of Law’s Cybersecurity Legal Task Force. “Ransomware has a devastating impact on all organizations, causing a loss of sensitive information, disruption to operations, financial loss and harm to an organization’s reputation. Simply put, ransomware can put you out of business.”

Any organization that possesses important data stored on their computer or network is at risk and a primary target for a ransomware attack. According to malware lab Emsisoft, attacks on government agencies, educational establishments, and healthcare providers increased sharply in 2019 — affecting at least 966 organizations — and resulted in billions of dollars of damage.

In these industry sectors particularly, attacks threatened the health, safety and lives of hundreds of thousands of people who depended upon these services.

• Emergency medical services became unavailable causing emergency room patients to be redirected to other hospitals; critical digitized medical records could not be accessed by physicians for treatment causing them to resort to paper records.
• Sensitive school and student information was accessed and exfiltrated resulting in costly notification.
• The State of Louisiana declared a state of emergency twice due to ransomware attacks on its school districts, city hall etc. Police department systems were encrypted resulting in a disruption of services and lost evidence.

“The fact that there were no confirmed ransomware-related deaths in 2019 is simply due to good luck, and that luck may not continue into 2020,” said Fabian Wosar, Emisoft’s chief technology officer, in a post on the company’s blog. “Governments and the health and education sectors must do better.”

Of course, ransomware is not isolated to these sectors. Companies and law firms of all sizes have gone out of business because of a successful attack.

The provenance of ransomware attacks is not new. What is new is the hackers’ level of sophistication and innovative approach to this threat vector. These attacks also are caused by a lack of cybersecurity preparedness.

The Institute’s mission is to shed light on the rapidly evolving threat landscape, the impact of ransomware attacks on an organization and strategies behind successfully navigating a response to an attack. Some of the important issues to be explored at the Institute include:

• Defining and identifying ransomware
• How a ransomware attack occurs
• Response options to a ransomware attack
• The legal implications of paying or not paying the ransom
• The types of insurance available to cover the cost of a ransomware attack
• Best practices for preventing a ransomware attack including a discussion on Cybersecurity and Infrastructure Security Agency’s new ransomware resources

Who Should Attend?

• Attorneys
• In-House Counsel
• Chief Information Security Officers
• Risk Managers
• Financial Institution Leadership
• Educational Institutions Leadership
• State and Local Government Leadership
• Healthcare Sector
• Insurance Brokers and Carriers

The Institute has been approved for 5.83 hours of CLE credit.

Registration for the Institute is available online at https://uofsclaw.us/2020Cyber

Tickets are

• $250 for the general public
• $150 for government and non-profit employees who register with their organization email address
• FREE for University of South Carolina faculty, staff and students who register with their sc.edu email address

The University of South Carolina School of Law is located at 1525 Senate Street in Columbia, South Carolina. For more information about the Institute, please contact [email protected].