Internet, Information Technology & e-Discovery Blog

Internet, Information Technology & e-Discovery Blog

Social changes brought about by the Internet & Technology

Cyber Legal Risks to Most Businesses since 55% of Senior Management Delegates Compliance

Posted in Cyber, eCommerce, Internet Access

PwC’s survey of over 800 Compliance Officers was “designed to give corporate compliance officers benchmarking data to help them understand common industry practices today and plan for more effective, more efficient compliance operations in the future.” The report entitled “PwC State of Compliance Study 2016” highlighted these legal risks to most businesses caused by lack of compliance:

-69% Intellectual Property
-59% Fair Competition or Antitrust
-43% Insider Training
-30% Records Management
-29% Government Contracting
-19% Inport-Export Controls or Trade Compliance

Given the scope of cyberattacks there is little surprise by PwC’s survey results.

GUEST BLOG: Watch Out for Cyber Threats while Shopping during the Holidays (THINK WIFI)!

Posted in Cyber, eCommerce

My Guest Blogger Eddie Block (CISSP, CIPM, CIPP/G, CISA, CEH) is a senior attorney in Gardere’s Litigation Group and member of the Cybersecurity and Privacy Legal Services Team who focuses on all aspects of information cyber security, including credentialing functions, firewall and IDS deployment and monitoring, and penetration testing, and related complex litigation.

Eddie Block Dec 2 2016

As we welcome the winter holidays, purchasing gifts online is expected to increase this year by 7 to 10 percent according to the National Retail Federation. This is a boon to the online retail community.  It can also be a boon to data thieves.

As consumers wander the mall looking for the perfect gift or travel to relatives houses, they bring a myriad of electronic devices. Laptops, gaming systems, and the ever present smartphone all attempt to make life easier by connecting to WiFi networks.  Legitimate WiFi networks provide a great service allowing consumers to evaluate pricing and the availability of gifts.  Attackers are also known to setup their own WiFi networks to trick unsuspecting users into passing their information in clear view of the attacker.

In many cases these fraudulent networks will look similar to legitimate networks with names like “Free Store_Name WiFi”, “Free Airport_Name WiFi”, or “Hotel Guest Wifi”.  Data thieves will use these networks to perform what is called a “Man-in-the-Middle” attack.  In this scenario the consumer connects to the attacker’s fraudulent network and the attacker connects to the Internet.  So, to the consumer, it appears that they are using the Internet as normal.  By forcing you through their network, though, the attacker can monitor, collect, and store usernames, passwords, credit card data, and other confidential information.

Usually employees of the store, airport, or hotel will know the legitimate network, but what if you just can’t tell? There are a few things that anyone can do to protect themselves:

  1. Verify connections to websites are secure and use SSL for online shopping. The easiest way to check is to look in the website’s address for “https://”. Sites using https:// are protecting their customer’s information by encrypting the consumer’s information as it passes across the Internet.
  2. Make sure you are actively checking credit card statements. Don’t wait until the end of the month if you have online access to your transaction history.
  3. NEVER use the public use computers in hotels for anything confidential. These systems have been targeted by identity thieves in the past, since they are easy to compromise and attract many different individuals. Even using SSL connections mentioned in point 1 is pointless on these systems because attackers can capture the information directly from the attached keyboard.
  4. Use a Virtual Private Network (VPN) connection if possible.

Watch out while shopping online now and in the future.

Healthcare is the biggest target for Cyberattacks in 2017!

Posted in Cyber, eCommerce, Internet Privacy

Experian reported that the “healthcare sector may continue to be the focal point for hackers as medical identity theft remains lucrative and easy for cyber criminals to exploit.”  The November 28, 2016 report entitled “2017 Fourth Annual Data Breach Industry Forecast” included this takeaway advice:

As attackers shift their focus, an increase in hospital breaches means the consequences for healthcare organizations that don’t properly manage this risk will increase. Healthcare organizations of all sizes and types need to ensure they have proper, up to date security measures in place, including contingency planning for how to respond to a ransomware attack and adequate employee training about the importance of security.

Experian also included the following in its Prediction Scorecard about Healthcare based on 2016:

BIG HEALTHCARE HACKS WILL MAKE THE HEADLINES, BUT SMALL BREACHES WILL CAUSE THE MOST DAMAGE

In 2016, there were 181 reported healthcare breaches ranging in size from 500 to 3.6 million effected individuals. While several large breaches like Banner Health and 21st Century Oncology lost more than 5 million records combined, small breaches also had a large impact. Breaches impacting 200,000 people or less accounted for 96 percent of all healthcare related breaches and impacted 1,400,872 individuals.

My friend Judy Greenwald wrote an article for Business Insurance entitled “2017 to usher in new wave of cyber attacks” and started with these comments about the Experian report:

Businesses should brace for “full-on” cyber attacks next year, particularly if they are part of the critical infrastructure that provides essential services related to the nation’s economy, security and health, a study warns

Healthcare is well-aware of the cyber threats, but maybe not adequately protected…time will tell.

Cyber criminals will target IoT since by 2020 92% of all data will be in the cloud!

Posted in Cyber

Rest assured that cyber criminals read Cisco’s report that cloud usage will grow significantly based on the scope of “big data and associated Internet of Things” with expectations that cloud usage as of 2015 at about “3.9 zettabytes (ZB) per year…to 14.1 ZB per year by 2020.” The November 2016 Cisco report entitled “Cisco Global Cloud Index: Forecast and Methodology, 2015–2020” was highlighted on Forbes November 13, 2016 article entitled “With Internet Of Things And Big Data, 92% Of Everything We Do Will Be In The Cloud” which started with these comments:

You don’t need Sherlock Holmes to tell you that cloud computing is on the rise, and that cloud traffic keeps going up. However, it is enlightening to see the degree by which it is increasing, which is, in essence, about to quadruple in the next few years. By that time, 92% percent of workloads will be processed by cloud data centers; versus only eight percent being processed by traditional data centers.

The big question is-  what will you do to properly protect you cloud data?

Guess what? Cyber threats are directed at ATMs!

Posted in Cyber, eCommerce

Business Insurance reported that “Cyber criminals have remotely attacked cash machines in more than a dozen countries across Europe this year, using malicious software that forces machines to spit out cash.”  The November 21, 2016 report entitled “Hackers target ATMs across Europe as cyber threat grows” cites Russian cyber security firm Group IB and Diebold Nixdorf and NCR Corp. (the world’s two largest ATM makers)  who:

…said they were aware of the attacks and have been working with customers to mitigate the threat. The newly disclosed heists across Europe follow the hacking of ATMs in Taiwan and Thailand that were widely reported over the summer.

Little surprise by this report!

About 75% of companies don’t have adequate Cyber Security Incident Response Plans (IRPs), so how Cyber Resilient is your Company? Or Law Firm?

Posted in Cyber, eCommerce

Of the 2,000 IT and IT security professionals surveyed by the Ponemon Institute “75% of respondents admit they do not have a formal cyber security incident response plan (CSIRP) that is applied consistently across the organization” and 51% rated cyber resilience as “very important or essential to achieving a strong security posture.”  The November 2016 Ponemon report entitled “The 2016 Cyber Resilient Organization- Executive Summary” (sponsored by Resilient an IBM company) started with this definition of Cyber Resilience:

The capacity of an enterprise to maintain its core purpose and integrity in the face of cyber attacks.

Networkworld’s November 16, 2016 report entitled “IBM: Many companies still ill-prepared for cyber attacks” highlighted these key results from the Ponemon study:

  • Of those with a CSIRP in place, 52% have either not reviewed or updated the plan since it was put in place, or have no set plan for doing so.
  • 41% say the time to resolve a cyber incident has increased in the past 12 months, compared to only 31% who say it has decreased.
  • 74% say they faced threats due to human error in the past year
  • When examining the past two years, 74% say they have been compromised by malware on a frequent basis, and 64% have been compromised by phishing on a frequent basis
  • 68% don’t believe their organizations have the ability to remain resilient in the wake of a cyberattack
  • 66% aren’t confident in their organization’s ability to effectively recover from an attack
  • 25% have an incident response plan applied consistently across the organization. 23% have no incident response plan at all
  • Only 14% test their incident response plans more than one time per year
  • 66% cite a lack of planning as their organization’s biggest barrier to becoming resilient to cyberattacks
  • 48% say their organization’s Cyber Resilience has either declined (4 percent) or not improved (44%) over the past 12 months
  • 41% say the time to resolve a cyber incident has increased or increased significantly, while only 31% say it has decreased or decreased significantly
  • In 2015, the average cybersecurity budget was $10 million. This increased to an average of $11.4 million. More funding has been allocated to cyber resilience-related activities. In 2015, 26% of the IT security budget was allocated to cyber resilience related activities. This increased to 30% in 2016.

No surprises here, but what are you doing for cyber protection?

Artificial Intelligence (think IBM’s Watson) now directed to cybersecurity

Posted in Cyber

TexasBarToday_TopTen_Badge_Small (1)

Infoworld reported that “IBM Security is currently in the middle of a year-long research project working with eight universities to help train Watson to tackle cybercrime.”  The November 15, 2016 article entitled “How IBM’s Watson will change cybersecurity” includes a reference to IBM’s Security Intelligence comments by Diana Kelley that “We need to make sure these technologies are actually solving the problems that security professionals are facing, both today and in the future.”  Ms. Kelley’s November 3, 2016 article entitled “Cognitive Security to the Rescue? Study Predicts 3x Adoption in the Next Few Years” includes these comments:

Cognitive solutions are already seeing widespread adoption in other industries. A report last week from IDC illustrated that cognitive systems are driving $8 billion in revenue in 2016. Additionally, cognitive computing is slated to become a $47 billion industry by 2020.

Ms. Kelley cites these benefits:

Intelligence: About 40 percent of respondents believe this technology will improve detection and incident response decision-making capabilities.

Speed: 37 percent of respondents believe cognitive security solutions will significantly improve incident response time.

Accuracy: 36 percent of respondents think cognitive security will provide increased confidence to discriminate between innocuous events and true incidents.

This all makes sense, and I’m optimistic that Artificial Intelligence will help cyber security.

GIGO (Garbage In Garbage Out) – all Big Data is not Good Data!

Posted in eCommerce

GIGO is very old news and is highlighted in IDC’s white paper which stressed that the “outcome of any big data analytics project, however, is only as good as the quality of the data being used.”  The January 2015 white paper entitled “Big Data, Bad Data, Good Data: The Link Between Information Governance and Big Data Outcomes” was sponsored by IBM and focused at its StoredIQ solution.  Here are some of the examples of leveraging Big Data analytics cited in the white paper:

  • Retailers are leveraging big data analytics to gain a deeper understanding of customer preferences, segment customers in new ways, and target buyers with tailored and personalized offers that increase conversion rates and order size.
  • Manufacturers are using big data analytics to optimize their supply chains, anticipate product problems and warranty issues, and improve the performance of enterprise assets and equipment.
  • Energy companies and utilities are leveraging big data to improve their demand forecasts, build smarter grids, reduce outages, and optimize production.
  • Healthcare organizations are turning to big data to optimize care and improve patient outcomes.
  • Research organizations are using big data analytics to accelerate the pace of medical and scientific research.
  • Government agencies are exploiting big data for intelligence, national security, and mission support and planning.
  • Financial services organizations are using big data to detect and prevent fraud.

However much not all data is great particularly reliable if it is included in the “enterprise’s unstructured information” including:

…the documents, images, rich media, and other content assets that reside in the organization’s enterprise  content management, collaboration, and email systems; on network drives and users’ computers; and in enterprise application document stores whether on-premise or in the cloud.

Without question understanding Big Data is critical for all businesses and governments.

Hacker gets 45 months in jail for stealing encrypted personal data & launching cyber attacks

Posted in Cyber, Internet Access, Internet Privacy

A federal judge sentenced NullCrew hacker Timothy Justen French to prison for playing a “central role in an extensive, deliberate, and destructive hacking campaign that inflicted widespread and serious harm to businesses, governments, non-profits, and thousands of individuals”…which “ cyber-attacks caused at least $792,000 in monetary loss to victim companies, universities and governmental bodies.” On November 1, 2016 US District Judge Gary Feinerman (Chicago) sentenced French based on the US Attorney William Ridgway’s argument that:

The defendant played a central role in an extensive, deliberate, and destructive hacking campaign that inflicted widespread and serious harm to businesses, governments, non-profits, and thousands of individuals,

He disseminated online the usernames, email accounts, and passwords for thousands of individuals, which not only violated their privacy and sense of online security, it exposed them to financial fraud and identity theft.

The Department of Justice reported about French and his group:

NullCrew is a group of computer hackers who carried out a series of cyber-attacks in the United States and throughout the world.  To publicize their intrusions, French and other members of NullCrew maintained Twitter accounts, including @NullCrew_FTS and @OfficialNull, which they used to announce their cyber-attacks and ridicule their victims by publicly disclosing the confidential information they had stolen, according to French’s plea declaration. 

French hid his true identity by using Internet aliases, including “Orbit,” “@Orbit_g1rl,” “crysis,” “rootcrysis,” and “c0rps3.”

French participated in at least seven cyber-attacks while a member of NullCrew from 2012 to 2014.  One of the attacks was carried out against a large Canadian telecommunications company, while another attack targeted a U.S. state, according to the plea declaration.

Unfortunately we are bound to see more cyber crimes of this sort!

The Cyber Underground and what you need to know about the DarkNet Marketplaces

Posted in Cyber, eCommerce

The US recently joined  Operation Hyperion to “share criminal intelligence and collaborate on operations to combat transnational crime” with the Five Eyes Law Enforcement Group (FELEG), an international coalition of law enforcement agencies from Australia, Canada, New Zealand, and the United Kingdom.  On November 1, 2016 the FBI issued its “A Primer on DarkNet Marketplaces (What They are and What Law Enforcement is Doing to Combat Them)” since the DarkNet:

…offers, many criminals and criminal groups gravitate toward the DarkNet, often doing business through online marketplaces set up for nefarious purposes

The FBI joined a number of other U.S. law enforcement agencies in this effort  since the:

DarkNet content is not indexed and consists of overlaying networks that use the public Internet but require unique software, configuration, or authorization to access. And this access is predominately designed to hide the identity of the user.

You more you know about the DarkNet the safe you and your company can be!