Internet, Information Technology & e-Discovery Blog

Internet, Information Technology & e-Discovery Blog

Social changes brought about by the Internet & Technology

Category Archives: Cyber

Subscribe to Cyber RSS Feed

No cyber insurance coverage for $800,000 loss for spearphishing (aka BEC -Business Email Compromise)!

Posted in Cyber, eCommerce
Businessinsurance.com reported that a court agreed with Traveler’s “which denied coverage on the basis the loss was not a “direct loss” that was “directly caused by the use of a computer” as required by the policy.” My friend Judy Greenwald wrote the article entitled “Manufacturer can’t recover spoofing email losses from insurer” about the ruling… Continue Reading

GUEST BLOG: Is your business at risk for not knowing about the liability limits under the 911 Cybersecurity Laws (Safety Act)?

Posted in Cyber
My Guest Blogger Eddie Block (CISSP, CIPM, CIPP/G, CISA, CEH) is a senior attorney in Gardere’s Litigation Group and member of the Cybersecurity and Privacy Legal Services Team who focuses on all aspects of information cyber security, including credentialing functions, firewall and IDS deployment and monitoring, and penetration testing, and related complex litigation.  Eddie blogs at JurisHacker. Interested in liability… Continue Reading

US Cyber insurance market exceeds $2.49 Billion!

Posted in Cyber, eCommerce, Internet Privacy
A report to the Cybersecurity (EX) Task Force explains the growth of cyber insurance to more than $2.49 billion in 2016 because “Cybersecurity breaches can cause a major drain on the U.S. economy”…and in particular “Financial Services Sector is perhaps the most under attack from cyber criminals.”  The August 6, 2017 “Report on the Cybersecurity… Continue Reading

Two-factor authentication may avoid disasters since there are more than 1+ billion compromised usernames and passwords!

Posted in Cyber
Bankinfosecurity.com reported that “Troy Hunt, a security expert who runs the Have I Been Pwned data breach notification service, has an idea to help organizations prevent people continuing to use their own compromised passwords or selecting ones that have been leaked.”  The August 3, 2017 report entitled “Here Are 306 Million Passwords You Should Never… Continue Reading

Guess what? There will be increased cyber problems in 2017 including Ransomware, Malware, and IoT!

Posted in Cyber, eCommerce
Malwarebytes examined almost “one billion malware detections/incidences…in nearly 100 million Windows and Android devices…in over 200 countries” to make its 2017 State of Malware Report which included these three takeaways: Ransomware grabbed headlines and became the favorite attack methodology used against businesses. Ad fraud malware, led by Kovter malware, exceeded ransomware detections at times and… Continue Reading

FTC to the rescue with Cybersecurity roundtables for small businesses!

Posted in Cyber, eCommerce
The Federal Trade Commission (FTC) will have a series of public roundtables since companies “with only a few employees face unique challenges when it comes to cybersecurity. The July 20, 2017 announcement entitled “FTC to Host Cybersecurity Roundtables with Small Businesses” publicizes a new website launched in May Protecting Small Businesses focuses on “Cybersecurity”: Running… Continue Reading

Will IBM’s recommendation to encrypt the universe provide better cyber protection, or just profits for IBM?

Posted in Cyber, eCommerce, IT Industry
The Washington Post reported that “IBM argues that universal encryption could be the answer to what has become an epidemic of hacking.”  The July 17, 2017 article entitled “To battle hackers, IBM wants to encrypt the world” included these comment about IBM’s recommendations to encrypt the universe: …it has achieved a breakthrough in security technology… Continue Reading

Cyber intrusions reporting will ramp up around the world in 2018 under GDPR (think EU Privacy Laws)!

Posted in Cyber, Internet Privacy
On May 25, 2018 the new General Data Protection Regulation (GDPR) will take effect and according my friend Benjamin Wright who wrote a paper for the SANS Institute GDPR “is motivating organizations worldwide to improve existing technical controls for securing personal information. Organizations should be especially aware that the GDPR and other recent legal developments… Continue Reading

Sales of Cyber insurance policies grow by 400% after ransomware attacks- soon to be as common as fire insurance!

Posted in Cyber, eCommerce
Reuters reported that Danish insurance company Tryg issued a second quarter report that it “sold 2,800 cyber insurance policies in the quarter, up from 700 between January and March.”   The July 11, 2017 report entitled “Tryg sees rapid rise in cyber insurance sales after Wannacry” included this comment from Tryg chief executive Morten Hubbe: We… Continue Reading

Cyber insurance premiums grew 35% in 2016 -over $1.3 Billion!

Posted in Cyber, eCommerce
A.M. Best reported that the top “cyber insurance writers have shifted away from writing packaged policies to standalone coverage by nearly a 70-30 split on the $1.3 billion of direct premiums written in 2016,…and this shift mainly results from many insurance companies realizing that tailored coverage forms addressing cyber liability risks separate from traditional insurance… Continue Reading

Anthem agrees to pay $115 million for 2015 cyber intrusion to settle litigation!

Posted in Cyber, eCommerce, Internet Privacy
BusinessInsurance.com reported that “Anthem Inc., the largest U.S. health insurance company, has agreed to settle litigation over a hacking in 2015 that compromised about 79 million people’s personal health information for $115 million, which lawyers said would be the largest settlement ever for a data breach.”  The June 26, 2017 report entitled “Anthem to pay… Continue Reading

Honda plant halted operations because of WannaCry Ransonware!

Posted in Cyber, eCommerce
The Financial Times reported that the “Japanese carmaker revealed that it temporarily halted production at its Sayama plant, northwest of Tokyo, after it discovered that some of its computers were affected by the ransomware late on Sunday.”  The June 21, 2017 Financial Times report entitled “Honda plant hit by WannaCry ransomware attack” included a confession… Continue Reading

7 Flavors of CyberCrimeware as a Service (CaaS) includes Ransomware as a Service (RaaS)!

Posted in Cyber, eCommerce
Darkreading reported that inexpensive CaaS include malware “botnets, phishing and backdoors are all offered on the cheap as subscription. These days even crime is in the cloud.”  The June 13, 2017 Darkreading report was entitled “The Rising Tide of Crimeware-as-a-Service” included these comments about RaaS: The incipient rise of ransomware has occurred in lockstep with… Continue Reading

GUEST BLOG: Pacemakers (Think IoT) are not Cybersecure, does that bother you?

Posted in Cyber
My Guest Blogger Eddie Block (CISSP, CIPM, CIPP/G, CISA, CEH) is a senior attorney in Gardere’s Litigation Group and member of the Cybersecurity and Privacy Legal Services Team who focuses on all aspects of information cyber security, including credentialing functions, firewall and IDS deployment and monitoring, and penetration testing, and related complex litigation.  Eddie blogs at JurisHacker. We have to… Continue Reading

No surprise about cyber risks in V2V (Vehicle to Vehicle) – Think “Driverless Cars”!

Posted in Cyber
A New York Times report that protecting driverless cars from cyber attacks is the “primary challenge will be preventing hackers from getting into the heart of the car’s crucial computing system, called a CAN (or computer area network).” The June 7, 2017 report entitled “Electronic Setups of Driverless Cars Vulnerable to Hackers” included this proposal… Continue Reading

Cyber criminal’s phishing leads to 4+ years in prison for stealing airline tickets, which employee training could have avoided!

Posted in Cyber, eCommerce
Darkreading reported a 4+ year jail sentence for stealing airline tickets by using “phishing campaigns targeted customers of Travelport and Sabre, causing phishing emails to be delivered to their customers for the purpose of obtaining and stealing their unique log-in credentials.”  On June 5, 2017 the Department Justice issued a press release entitled “West African computer… Continue Reading

Cyber attack probably caused BA to strand 75,000 passengers, but BA claims it just lost electricity! Haha!

Posted in Cyber, eCommerce
The Independent reported that Wallie Walsh (Chief of  British Airways’ owner International Airlines Group) broke his silence about BA’s IT failure last week that left 75,000 travelers stranded saying “it was not an IT failure, it was a problem caused by the failure of electrical power to our IT systems.” The June 1, 2017 report… Continue Reading

Private Blockchains may not be secure!

Posted in Cyber, eCommerce
Coindesk recently published a blog which “attacks the idea that true immutability can be achieved in blockchain systems, arguing a more relative definition of this feature better encapsulates what’s the technology can achieve.” The May 9, 2017 article entitled “The Blockchain Immutability Myth” was a blog from “Dr.  Gideon Greenspan is the founder and CEO… Continue Reading

4 ways to stop Spearphising (aka Business Email Compromise “BEC”) which has cost more than $2.3+ billion!

Posted in Cyber, eCommerce
Proofpoint’s report states that spearphising/BEC “have collectively scammed victims out of more than $2 billion globally” and that these “threats have hit more than 7,000 companies since the FBI’s Internet Crime Complaint Center (IC3) began tracking this type of scam in late 2013.” When I blogged about the FBI report “Watch out for BEC (Business… Continue Reading

GUEST BLOG: Do you know which 2 states don’t have data breach notification laws?

Posted in Cyber, eCommerce
My Guest Blogger Eddie Block (CISSP, CIPM, CIPP/G, CISA, CEH) is a senior attorney in Gardere’s Litigation Group and member of the Cybersecurity and Privacy Legal Services Team who focuses on all aspects of information cyber security, including credentialing functions, firewall and IDS deployment and monitoring, and penetration testing, and related complex litigation.  Eddie blogs at JurisHacker. Breach notification laws:… Continue Reading

Do you believe China’s new cyber laws are for real?

Posted in Cyber, eCommerce
Reuters reported that a new Chinese law “would require firms exporting data to undergo an annual security assessment law….[and] would ban the export of any economic, technological or scientific data whose transfer would pose a threat to security or public interests. It would also require firms to obtain the consent of users before transmitting data… Continue Reading

Cybercriminals demand ransomware from Apple, or else they will wipe 300 million iPhones!

Posted in Cyber, eCommerce
Forbes reported that “a hacker group calling itself Turkish Crime Family…reported having access to 300 million Apple accounts” and demanded “$75,000 in crypto-currency (either Bitcoin or Ethereum) or $100,000 in iTunes gift cards, and the data would be deleted.”  The March 22, 2017 report entitled “Hackers Threaten To Wipe 300M iPhones, iCloud Accounts Unless Apple… Continue Reading