Massachusetts AG Urges Entities to Act Now on Ransomware Threat

  • Massachusetts AG Maura Healey released a statement urging Massachusetts businesses and government entities, including law enforcement, to immediately assess existing data security practices and take appropriate steps to upgrade security measures in the wake of a recent surge in ransomware attacks, including an attack that targeted a Massachusetts ferry service.
  • AG Healey’s statement followed the release of a White House memorandum that discussed the urgent threat of ransomware attacks in the United States and best practices for businesses to prepare for and counter an attack.
  • Both AG Healey’s statement and the White House memorandum encouraged entities to implement multifactor authentication, regularly backup data, segment networks so that corporate business functions are separated from operational networks, update and patch systems promptly, test incident response plans, and use a third party to test the efficacy of security measures.
  • AG Healey’s statement further stressed that several of the listed safeguards are required under Massachusetts Data Security Regulations, which are enforced by the AG’s Office.