John F. Savarese, Sarah K. Eddy, and Sabastian V. Niles are partners at Wachtell, Lipton, Rosen & Katz. This post is based on a Wachtell memorandum by Mr. Savarese, Ms. Eddy, Mr. Niles, and Jeohn Salone Favors.
This past weekend, criminal ransomware cyberattacks drove the shutdown of one of America’s largest pipelines for refined gasoline, diesel fuel, and jet fuel as a precautionary means of containing the impact of the breach, highlighting the vulnerability of the nation’s energy infrastructure. Recent reports indicate that more than two dozen other company victims across a range of industries were targeted by these ransomware attacks, with worse damage blocked thanks to close and rapid coordination between federal authorities and private sector partners to identify and swiftly shut down servers being used in the attack. Earlier this month, a California-based regional hospital operator had to take healthcare IT systems offline following a cyberattack, significantly disrupting care, forcing medical personnel to use back-up paper records and raising concerns about vulnerabilities in the healthcare system as the nation continues to battle the Covid-19 pandemic.
In addition to the most recent incidents highlighted above, 2020 featured one of the most ambitious and troubling cyberattacks in history: hackers associated with a foreign intelligence service surreptitiously implanted malicious code into Texas-based technology firm SolarWinds’s Orion network management tool, an application used by tens of thousands of clients, including Microsoft, the U.S. government and FireEye, a prominent cybersecurity firm that helped discover and alert the world to the compromise. More recently, in April 2021, authorities discovered that attackers had, since at least June 2020, been exploiting security flaws in virtual private network (VPN) products offered by an IT software provider. Like the SolarWinds hack, the breach affected federal government agencies and numerous private companies.