Internet, Information Technology & e-Discovery Blog

Internet, Information Technology & e-Discovery Blog

Social changes brought about by the Internet & Technology

Category Archives: Cyber

Subscribe to Cyber RSS Feed

Did Facebook delete Russian bought ads because of a bug?

Posted in Cyber
The Washington Post wrote that Facebook “it has merely corrected a “bug” that allowed [Jonathan] Albright, who is research director of the Tow Center for Digital Journalism at Columbia University, to access information he never should have been able to find in the first place.”  The October 12, 2017 article entitled “Facebook takes down data… Continue Reading

Google confesses that Russia bought Google Search and YouTube ads to influence the 2016 election!

Posted in Cyber
The Washington Post reported that Google admitted that it “found that tens of thousands of dollars were spent on ads by Russian agents who aimed to spread disinformation across Google’s many products, which include YouTube, as well as advertising associated with Google search, Gmail, and the company’s DoubleClick ad network.” The October 9, 2017 report… Continue Reading

Do you trust Equifax? Apparently IRS believes a new $7.25 million contract with Equifax is a good idea!

Posted in Cyber, eCommerce
Gizmodo reported that IRS supports its new $7.25 million contract with Equifax as a “no bid sole source” contract “to help verify US taxpayers’ identities” …and without which “would have prevented thousands of hurricane victims from obtaining much needed…. tax information.”  The October 5, 2017 story entitled “IRS Chief Says Aborting Equifax Contract Could Harm… Continue Reading

Surprised? Equifax learned about its cyber exposure in March, but failed to do anything!

Posted in Cyber, eCommerce
Rueters reported that former Equifax CEO Richard Smith (who retired suddenly last week) provided written testimony that “Equifax was alerted to the breach by the U.S. Homeland Security Department on March 9,…, but it was not patched.”  The October 2, 2017 report entitled “Equifax failed to patch security vulnerability in March: former CEO” included these… Continue Reading

GUEST BLOG: Will cyber disasters finally be the reason that IT folks learn to speak English rather than Geek Talk (think Technology)?

Posted in Cyber, IT Industry
My Guest Blogger Eddie Block (CISSP, CIPM, CIPP/G, CISA, CEH) is a senior attorney in Gardere’s Litigation Group and member of the Cybersecurity and Privacy Legal Services Team who focuses on all aspects of information cyber security, including credentialing functions, firewall and IDS deployment and monitoring, and penetration testing, and related complex litigation.  Eddie blogs at JurisHacker. For many years… Continue Reading

Poor cyber security equals +1.9 billion records exposed in the first 6 months of 2017!

Posted in Cyber
Gemalto issued a report that “identity theft breaches continues to remain high and result in many records being stolen shows that organizations are still not adequately addressing this threat.” The September 2017 report entitled “2017 Poor Internal Security Practices Take a Toll” included these comments: A large portion of accidental loss are the result of… Continue Reading

GUEST BLOG: Are you surprised to hear that Equifax’s security chief doesn’t have a degree in technology, rather majored in music?

Posted in Cyber, IT Industry
My Guest Blogger Eddie Block (CISSP, CIPM, CIPP/G, CISA, CEH) is a senior attorney in Gardere’s Litigation Group and member of the Cybersecurity and Privacy Legal Services Team who focuses on all aspects of information cyber security, including credentialing functions, firewall and IDS deployment and monitoring, and penetration testing, and related complex litigation.  Eddie blogs at JurisHacker. What qualifies a… Continue Reading

Oops! Malware distributed with antivirus software to more than 2.27 million users!

Posted in Cyber
My good friend Kevin Campbell (SVP/CIO at Hunt Consolidated, Inc.) shared this bad news that “Antivirus firm Avast has admitted inadvertently distributing a trojanised version of CCleaner, a popular PC tune-up tool, for nearly a month, infecting an estimated 2.27 million users.”  This news was reported by The Register on September 18, 2017 entitled “Downloaded… Continue Reading

GUEST BLOG: Neither Rain, nor Sleet, nor Dark of Night Shall Stay the Application of HIPAA Regulations…

Posted in Cyber, Internet Privacy
My Guest Blogger Eric Levy is a senior attorney in Gardere’s Trial Practice Group who focuses on HIPAA, PHI, cyber security, PCI compliance, PII, eCommerce, and related complex contract negotiations and litigation. Eric has received the Certified Information Privacy Professional (CIPP-US) designation from the International Association of Privacy Professionals (“IAPP”). It is beyond dispute that Hurricanes… Continue Reading

Equifax confessed that it failed to protect personal data of 143+MILLION CUSTOMERS!

Posted in Cyber, eCommerce, Internet Privacy
The New York Times reported “that hackers had gained access to company data that potentially compromised sensitive information for 143 million American consumers, including Social Security numbers and driver’s license numbers.”  The September 7, 2017 report entitled “Equifax Says Cyberattack May Have Affected 143 Million Customers” included the bad news: Potentially adding to criticism of… Continue Reading

Yahoo loses a court battle and a class action will proceed for massive cyber breaches in 2013-16!

Posted in Cyber
Reuters reported that “Yahoo must face nationwide litigation brought on behalf of well over 1 billion users who said their personal information was compromised in three massive data breaches.” On August 30, 2017 US District Judge Lucy Koh (Northern District of California- San Jose) in the case of In Re: Yahoo! Inc. Customer Data Security… Continue Reading

Less than 50% US businesses have cyber insurance, so what can they do to avoid a cyber disasters?

Posted in Cyber
Darkreading reported “some organizations refuse to buy cyber insurance out of the misguided notion that they don’t “need” to worry about being hacked, this mindset isn’t entirely at fault….many enterprises have been left high and dry by cyber-insurance policies that didn’t fully protect them after a major cyber attack.” The August 21, 2017 article entitled… Continue Reading

Watch out! ‘Fancy Bear’ may be ready to steal your data while using hotel wifi!

Posted in Cyber, Internet Access
Wired reported about a “Russian espionage campaign has used those Wi-Fi networks to spy on high-value hotel guests, and recently started using a leaked NSA hacking tool to upgrade their attacks.” Wired’s August 11, 2017 report was entitled “Russia’s ‘Fancy Bear’ Hackers Used Leaked NSA Tool to Target Hotel Guests” which included FireEye’s report that:… Continue Reading

Here’s a good idea – don’t agree to cloud Click Agreements because the cloud is such a huge target for cybercriminals!

Posted in Cyber, E-Discovery, eCommerce
More businesses should use lawyers that understand how to negotiation cloud agreements because the Click Agreement don’t provide all necessary legal requirements given Cisco’s report that “The cloud is a whole new frontier for hackers, and they are exploring its potential as an attack vector in earnest…They also recognize that they can infiltrate connected systems… Continue Reading

No cyber insurance coverage for $800,000 loss for spearphishing (aka BEC -Business Email Compromise)!

Posted in Cyber, eCommerce
Businessinsurance.com reported that a court agreed with Traveler’s “which denied coverage on the basis the loss was not a “direct loss” that was “directly caused by the use of a computer” as required by the policy.” My friend Judy Greenwald wrote the article entitled “Manufacturer can’t recover spoofing email losses from insurer” about the ruling… Continue Reading

GUEST BLOG: Is your business at risk for not knowing about the liability limits under the 911 Cybersecurity Laws (Safety Act)?

Posted in Cyber
My Guest Blogger Eddie Block (CISSP, CIPM, CIPP/G, CISA, CEH) is a senior attorney in Gardere’s Litigation Group and member of the Cybersecurity and Privacy Legal Services Team who focuses on all aspects of information cyber security, including credentialing functions, firewall and IDS deployment and monitoring, and penetration testing, and related complex litigation.  Eddie blogs at JurisHacker. Interested in liability… Continue Reading

US Cyber insurance market exceeds $2.49 Billion!

Posted in Cyber, eCommerce, Internet Privacy
A report to the Cybersecurity (EX) Task Force explains the growth of cyber insurance to more than $2.49 billion in 2016 because “Cybersecurity breaches can cause a major drain on the U.S. economy”…and in particular “Financial Services Sector is perhaps the most under attack from cyber criminals.”  The August 6, 2017 “Report on the Cybersecurity… Continue Reading

Two-factor authentication may avoid disasters since there are more than 1+ billion compromised usernames and passwords!

Posted in Cyber
Bankinfosecurity.com reported that “Troy Hunt, a security expert who runs the Have I Been Pwned data breach notification service, has an idea to help organizations prevent people continuing to use their own compromised passwords or selecting ones that have been leaked.”  The August 3, 2017 report entitled “Here Are 306 Million Passwords You Should Never… Continue Reading

Guess what? There will be increased cyber problems in 2017 including Ransomware, Malware, and IoT!

Posted in Cyber, eCommerce
Malwarebytes examined almost “one billion malware detections/incidences…in nearly 100 million Windows and Android devices…in over 200 countries” to make its 2017 State of Malware Report which included these three takeaways: Ransomware grabbed headlines and became the favorite attack methodology used against businesses. Ad fraud malware, led by Kovter malware, exceeded ransomware detections at times and… Continue Reading

FTC to the rescue with Cybersecurity roundtables for small businesses!

Posted in Cyber, eCommerce
The Federal Trade Commission (FTC) will have a series of public roundtables since companies “with only a few employees face unique challenges when it comes to cybersecurity. The July 20, 2017 announcement entitled “FTC to Host Cybersecurity Roundtables with Small Businesses” publicizes a new website launched in May Protecting Small Businesses focuses on “Cybersecurity”: Running… Continue Reading

Will IBM’s recommendation to encrypt the universe provide better cyber protection, or just profits for IBM?

Posted in Cyber, eCommerce, IT Industry
The Washington Post reported that “IBM argues that universal encryption could be the answer to what has become an epidemic of hacking.”  The July 17, 2017 article entitled “To battle hackers, IBM wants to encrypt the world” included these comment about IBM’s recommendations to encrypt the universe: …it has achieved a breakthrough in security technology… Continue Reading

Cyber intrusions reporting will ramp up around the world in 2018 under GDPR (think EU Privacy Laws)!

Posted in Cyber, Internet Privacy
On May 25, 2018 the new General Data Protection Regulation (GDPR) will take effect and according my friend Benjamin Wright who wrote a paper for the SANS Institute GDPR “is motivating organizations worldwide to improve existing technical controls for securing personal information. Organizations should be especially aware that the GDPR and other recent legal developments… Continue Reading

Sales of Cyber insurance policies grow by 400% after ransomware attacks- soon to be as common as fire insurance!

Posted in Cyber, eCommerce
Reuters reported that Danish insurance company Tryg issued a second quarter report that it “sold 2,800 cyber insurance policies in the quarter, up from 700 between January and March.”   The July 11, 2017 report entitled “Tryg sees rapid rise in cyber insurance sales after Wannacry” included this comment from Tryg chief executive Morten Hubbe: We… Continue Reading

Cyber insurance premiums grew 35% in 2016 -over $1.3 Billion!

Posted in Cyber, eCommerce
A.M. Best reported that the top “cyber insurance writers have shifted away from writing packaged policies to standalone coverage by nearly a 70-30 split on the $1.3 billion of direct premiums written in 2016,…and this shift mainly results from many insurance companies realizing that tailored coverage forms addressing cyber liability risks separate from traditional insurance… Continue Reading