Kaseya’s decision to cooperate with the DOJ and FBI in the hours and days following the cyberattack enabled law enforcement to identify and arrest the man allegedly behind the attack.
Willkie’s Cybersecurity and Privacy team advised and represented Kaseya, an IT management and monitoring software provider, in the wake of one of the largest and most highly-publicized ransomware attacks in history. On November 8, the DOJ announced the arrest of one of the two men, a Ukrainian national, allegedly behind the attack. The incident, which took place in July, involved a Russian-associated group leveraging certain features in the Kaseya software to deliver ransomware payloads to approximately 800-1500 of Kaseya’s customers and downstream users worldwide.
As part of Kaseya’s response and recovery efforts, Willkie advised the company on several fronts. The team led strategies for briefing and coordination with the federal government and other executive branch policymakers; conducted outreach to Congressional leadership; responded to inquiries from state AGs and other regulators; retained forensic consultants to identify the nature and scope of the incident and any potential fixes, and oversaw the investigation conducted by the forensic consultants, including the development of any relevant reports or other updates. The team also provided ongoing counsel on communications with Kaseya’s Board and developed vehicles and messaging to engage customers with potential fixes, updates, and decryption tools.
As a result of Willkie’s efforts, DOJ officials praised Kaseya for cooperating with the government, which enabled the government to help victims of the attack and ultimately arrest the man who allegedly spearheaded it. The matter and Willkie’s representation were covered by The National Law Journal. The article can be found here.
The Willkie team was led by partners Laura Jehl and Daniel Alvarez and counsel Richard Borden, and also included partners Jeffrey Clancy, Elizabeth Bower, Matthew Guercio, Jeffrey Korn and David Murray.