This post was authored by Linn Foster Freedman and is also being shared on our Data Privacy + Cybersecurity Insider blog. If you’re interested in getting updates on developments affecting data privacy and security, we invite you to subscribe to the blog.

Manufacturers of products often are not prepared for, or aware that cybersecurity incidents

On October 1, 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory “to highlight the sanctions risks associated with ransomware payments related to malicious cyber-enabled activities.”

The advisory acknowledges that the incidents of ransomware attacks on U.S. companies have risen during the COVID-19 pandemic. Although the advisory does not mention that companies have been paying ransoms when they are victimized, it has been publicly reported that companies have paid ransoms, particularly when data has been exfiltrated and the cybercriminals are threatening to post the data online unless a ransom is paid for confirmation of destruction, as is the scheme used by Maze.
Continue Reading OFAC Issues Advisory on Sanctions for Facilitating Ransomware Payments

Inogen, which manufactures portable oxygen devices, has alerted the Securities and Exchange Commission in a recent filing that it is notifying 30,000 individuals that their personal information was compromised when a hacker gained access to one of its employees’ email accounts through a phishing scheme.
Continue Reading Manufacturing Sector Getting Hit with Cyber-Attacks: Portable Oxygen Device Manufacturer Notifies 30,000 Patients of Breach

The 2016 Manufacturing Report by Sikich finds that there has been a progressive growth in cyber-attacks in the manufacturing sector. This is consistent with the most recent IBM /X-Force Research 2016 Cyber Security Intelligence Index, which  notes that the manufacturing industry represents the second most attacked industry, just behind health care.

Manufacturing companies often don’t