Although ransomware attacks are increasingly common, they need not be catastrophic for a business. Advance preparation, proper crisis management, timely remedial action, accurate assessments of harm, and, when appropriate, effective communications including notifications to government and affected individuals, can significantly mitigate the business impact of these incidents.

Crowell & Moring is well-positioned to help you prepare for and respond to ransomware attacks. In these crisis situations, our cybersecurity team is on the ground providing support at every stage, from initial internal investigation and risk management, through making notifications where appropriate, and, if necessary, government enforcement actions and litigation. We also work with technical consultants when appropriate through relationships structured to help maintain confidentiality and privilege for forensic investigations.

We have investigated hundreds of cybersecurity incidents, and our specific experience with ransomware includes advising victims of the following:

  • REvil/Sodinokibi
  • DarkSide
  • Maze
  • Ryuk
  • Suncrypt
  • DoppelPaymer
  • Netwalker
  • Cryptolocker
  • CL0P
  • WannaCry
  • NotPetya
  • Multiple novel ransomware strains and emerging threat actor groups

Crowell & Moring’s cybersecurity team also works closely with other practice groups at the firm that have relevant experience with the wide range of issues raised by ransomware attacks, including International Trade, Insurance/Reinsurance, Government Contracts, White Collar, National Security, and Financial Services.

If you need help assessing your ransomware preparedness or are the victim of an attack, please contact one of the Crowell & Moring lawyers listed above. We have also created a checklist to help you respond to a ransomware attack.