Willkie Farr represents software company praised by DOJ for cooperation following cyberattack

Tech provider Kaseya, represented by Willkie Farr & Gallagher, has cooperated extensively with the US Department of Justice and the FBI following a cyberattack earlier this year, earning praise from DOJ officials who presented the business as a ransomware success story.

After Kaseya, a multinational software company, was attacked in July, the company almost immediately reported the breach to the FBI, Justice Department officials said, leading to the arrest of a Ukrainian man, Yaroslav Vasinskyi, accused of having directed this attack and others who made victims of it. people and businesses around the world.

Deputy Attorney General Lisa Monaco, who made public advocacy businesses and their outside lawyers to cooperate with the government in the wake of cyber attacks, praised Kaseya on her decision to disclose the breach and work with federal law enforcement.

“We are here today because in their darkest hour Kaseya made the right choice and they decided to work with the FBI,” Monaco said at a press conference with ministry officials. Justice, the FBI and the Treasury. “Almost immediately after being hit, Kaseya provided the FBI with the information it needed to act and act quickly. In doing so, we were finally able to identify and help many victims of this attack, and also follow the trail to Vasinskyi.

Kaseya turned to Willkie, Laura Jehl and Daniel Alvarez, co-chairs of the firm’s cybersecurity and privacy practice group, to manage the fallout from the attack. Jehl, who joined Willkie earlier this year of McDermott Will & Emery, helps advise companies “on notifications to U.S. and international regulators, and conducts sensitive interactions with law enforcement and national security agencies related to cyber incidents,” according to his bio page.

Alvarez is a former legal advisor to the Federal Communications Commission.

Willkie’s attorney, Richard Borden, was also part of the effort.

Kaseya also retained the Krebs Stamos group, a cybersecurity consultancy firm started by former senior US cybersecurity official Chris Krebs and former Facebook security chief Alex Stamos.

“At Kaseya, we are grateful for the support and assistance provided by the FBI, as well as the swift action and response provided by the Department of Homeland Security, the Department of Justice and all other government entities. Americans involved. From day one, the FBI has been, and continues to be, a great partner for us, ”said Dana Liedholm, senior vice president of corporate marketing for Kaseya, in a statement.

Jehl did not immediately return a request for comment.

FBI Director Christopher Wray said the company’s collaboration with the office allowed law enforcement to identify which Kaseya clients were affected by the attack and possibly develop a decryption key for them. unlock customer data held hostage by hackers.

Officials were quick to hail the Kaseya episode as an example of the benefits companies reap from early and consistent cooperation with the government on cybersecurity.

“When the FBI is engaged early, we can provide more and better support to victims,” Wray said. “We can get them intelligence and technical information faster and we can quickly come back from the intrusion to track and seize criminals’ money before they can jump wallet after wallet and trade after trade. “

Vasinskyi was arrested by Polish authorities after traveling from Ukraine to Poland, US officials said. He was indicted in the North Texas District on 11 federal charges and prosecutors will seek his extradition to the United States.

U.S. officials also announced Monday an indictment against a Russian national accused of carrying out cyber attacks against entities in Texas and the seizure of $ 6.1 million in ransoms paid by victims of the attacks.

Justice officials have presented the enforcement measures as a blow to the battle against ransomware attacks, which have emerged as a growing threat to national security following strikes earlier this year against the Colonial. Pipeline and the food company JBS.

Officials said the attacks were carried out by non-state criminal groups who infect computers with malware, allowing them to lock down a company’s or individual’s networks until they pay a ransom. .

This is the second time this year that the DOJ has been able to recover ransoms paid in cryptocurrency to hackers. Earlier this year, the department was able to seize about half of the bitcoin payment linked to the colonial pipeline attack.

“Cybercrime is a serious threat to our country: to our personal security, to the health of our economy and to our national security,” Attorney General Merrick Garland said in a statement. “Our message today is clear. The United States, along with our allies, will do everything in their power to identify the perpetrators of ransomware attacks, bring them to justice, and recover the funds they have stolen from their victims.

Clarification: This story has been updated to reflect that Willkie Farr & Gallagher partner Daniel Alvarez and attorney Richard Borden also represented Kaseya.