Internet, Information Technology & e-Discovery Blog

Social changes brought about by the Internet & Technology

Category Archives: Cyber

BUSINESS ALERT: Cyberattacks are directed at ERP systems since they are difficult to secure

Posted in Cyber, IT Industry
Ponemon Institute issued a report after it “surveyed 607 IT and IT security practitioners who are involved in the security of SAP” and reported that 58% “of respondents rate the difficulty of securing SAP applications as high and 65 percent of respondents rate their level of concern about malware infections in the SAP infrastructure as very… Continue Reading

BLACK HAT SURVEY: Employee Training is in the top 5 ways to avoid hacking!

Posted in Cyber, IT Industry
Thycotic took a survey of 250+ hackers at the August 2016 Black Hat conference and reported that “77% say no password is safe from hackers—or the government” which is hardly surprising. The “Black Hat 2016: Hacker Survey Report” included these comments about training: Extend IT Security Awareness Training The weakest link in most organization’s security… Continue Reading

New Cyber rules for DOD contractors may be creating new problems!

Posted in Cyber
Law360 reported that many experts are concerned that “companies who share cybersecurity incident information with a DOD contractor will be considered a third-party beneficiary of the DOD, with the ability to sue if confidential information is leaked or stolen, but that offers little solace to those who have their information stolen.” The October 20, 2016… Continue Reading

Can the G7 really protect the financial world from cybercrime?

Posted in Cyber, eCommerce
Reuters reported that the Group of Seven (G7) industrial powers (Britain, Canada, France, Germany, Italy, Japan and the US) “agreed on guidelines for protecting the global financial sector from cyber attacks following a series of cross-border bank thefts by hackers.”  The October 11, 2016 report entitled “G7 sets common cyber-security guidelines for financial sector” included… Continue Reading

“Top Secret” Electronic Records Stolen by NSA Cybersecurity Contractor!

Posted in Cyber, eCommerce
The New York Times reported that a cybersecurity contractor for the NSA (National Security Agency) was arrested based on allegations that “he stole and disclosed highly classified computer code developed to hack into the networks of foreign governments.”  The October 6, 2016 article entitled “N.S.A. Contractor Arrested in Possible New Theft of  Secrets” reported that… Continue Reading

GUEST BLOG: Can the FTC control the privacy of the IoT (Internet of Things)?

Posted in Cyber, eCommerce, Internet Access
My Guest Blogger Eric Levy is a senior attorney in Gardere’s Trial Practice Group who focuses on cyber security, PCI compliance, PII, eCommerce, and related complex litigation. Apparently IoT is leading the FTC (Federal Trade Commission), the government watchdog of privacy, one step closer to broadening the scope of what it believes falls within the definition of “personally… Continue Reading

Very likely that the cyberattacks against Southwest & Delta were directed at your passenger data

Posted in Cyber, Internet Access
Darkreading reported that a recent cyber safety report to the Federal Aviation Administration (FAA) was based on a PriceWaterhouseCoopers’ survey of “85 percent of airline CEOs in the PwC survey cited cybersecurity as a major risk likely because of the very sensitive nature of passenger data and flight systems.”  The September 23, 2016 report in… Continue Reading

500 million Yahoo users compromised by cyberintrusion, but Yahoo doesn’t plan to provide credit monitoring!

Posted in Cyber, eCommerce
Reuters reported that Yahoo would likely not need to “provide them with credit monitoring services” even though Bob Lord (Yahoo’s CISO) posted “An Important Message About Yahoo User Security”: The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted… Continue Reading

$1 trillion will be spent on Cybersecurity in the next 5 years!

Posted in Cyber, Internet Access
CSO recently predicted “a major uptick in cyber spending — to the tune of 12 to 15 percent year-over-year growth through 2021” in an article entitled “Cybersecurity spending outlook: $1 trillion from 2017 to 2021” which included these comments from the SANS Institute which were presented in February 2016: Tracking security-related budget and cost line… Continue Reading

Cyber criminals recognize security weakness at LinkedIn, Facebook, and Twitter

Posted in Cyber, eCommerce
Darkreading recently reported that LinkedIn confessed that “We don’t have a reliable system for identifying and counting duplicate or fraudulent accounts” and that “cyber criminals now weaponize social media sites and their data, leading to some of the biggest data breaches over the last few years.” The September 6, 2016 article entitled “Why Social Media… Continue Reading

Cyber Pain Points: Failure to get buy-in for Incident Response Plan (IRP) in the top 10!

Posted in Cyber, IT Industry
A recent report indicated that IRPs “are frequently developed from within departmental silos, for example, within the organization’s IT security function, and do not address the considerations of business units or cross functional areas needed to coordinate and operate together during a response. This not only leads to an uncoordinated response effort, but discourages buy-in… Continue Reading

How does FUD (Fear, Uncertainty, and Doubt) help businesses learn about cyber threat intelligence?

Posted in Cyber, eCommerce
No surprises in a recent report that “cybercriminals utilize all forms of intelligence to exploit the weakest link as an attack vector…” and as a result “almost every business is a target for malicious cyber attacks and the need for cyber security is an important part of protecting an organization’s reputation and financial vitality.”  InfoArmor’s June… Continue Reading

HIPAA penalty of $5.5 million seems like a lot, but it’s only $1.375 per patient!

Posted in Cyber, IT Industry
With 4 million patient records exposed, this was the largest fine to date for breach of ePHI (electronic Protected Health Information) which included “demographic information, clinical information, health insurance information, patient names, addresses, credit card numbers and their expiration dates, and dates of birth.”  On August 4, 2016 the U.S. Department of Health and Human… Continue Reading

Delta Airlines – Cyberattack or power failure – seems a lot like Southwest’s alleged router failure?

Posted in Cyber, eCommerce
The New York Times reported “at least 858 cancellations and 7,359 delays across the global industry on Monday morning” in less than 5 hours based on a power outage at 2:30am EDT. But Delta’s story does not pass the smell test following Southwest Airlines’ recent claim of a single point of failure of a router.  In response… Continue Reading

Cybercriminal data breaches in Healthcare may exceed a whopping $6.2 billion!

Posted in Cyber, eCommerce, IT Industry
Ponemon reported that “over the past two years the average cost of a data breach for healthcare organizations is estimated to be more than $2.2 million. No healthcare organization, regardless of size, is immune from data breach.”  The “Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data” study included this alarming information about… Continue Reading

Cyber risk for HIPAA data increasing as criminals are now focused on healthcare technology!

Posted in Cyber, eCommerce, Internet Access
There is little surprise to learn that cybercriminals are now focused on “healthcare IT infrastructure,…also connected medical devices, mobile computing devices used by medical staff and, most profitably, electronic health records (EHR) systems.”  The July 12, 2016 DarkReading report entitled “Healthcare Hacks Face Critical Condition” referenced InfoArmor’s report “Healthcare under attack – CyberCriminals Target Medical… Continue Reading

Spoliation or Privacy “Right to be Forgotten”? – Google’s new service “My Activity” allows you to delete your history!

Posted in Cyber, E-Discovery, Internet Privacy
People should be thoughtful of using My Activity because destroying your Google history in litigation may lead to a claim of spoliation (destruction of evidence) when using Google’s recently launched My Activity which “is a central place to view and manage activity like searches you’ve done, websites you’ve visited, and videos you’ve watched.”  My Activity… Continue Reading

Court rules that Travelers must defend cyberintrusion of medical records (HIPAA?) under CGL policy

Posted in Cyber, eCommerce
An appellate court agreed that “Travelers is duty bound under the Policies to defend Portal [Portal Healthcare Solutions, L.L.C.] against the class-action complaint”…that “alleges that Portal and others engaged in conduct that resulted in the plaintiffs’ private medical records being on the internet for more than four months.”  In the case of The Travelers Indemnity… Continue Reading

Good idea - Ransomware may be avoided if you backup your data to 3 locations!

Posted in Cyber, eCommerce
Webroot recommends that you “need to set up a regular backup regimen that at a minimum backs up data to an external drive, or backup service, that is completely disconnected when it is not performing the backup.”  On May 18, 2016 Webroot issued “A Guide to Avoid Being a Crypto-Ransomware Victim” which included these recommendations… Continue Reading

Cybersecurity jumps to the 9th top concern of 91% of manufacturers!

Posted in Cyber, eCommerce
BDO’s annual RiskFactor Report for the first time cites that manufacturers’ top 10 concerns about “operational infrastructure risk, including information systems and implementation of new systems and maintenance.”  The “2016 BDO Manufacturing RiskFactor Report” issued on June 21, 2016 introduced the subject with this headline “Manufacturers Scamper to Shore Up Security” and these comments: Manufacturing… Continue Reading