Internet, Information Technology & e-Discovery Blog

Social changes brought about by the Internet & Technology

Category Archives: Cyber

Take a minute and read Yahoo’s 238 word CONFESSION about the Cyber theft of 1+ billion user accounts!

Posted in Cyber, eCommerce, Internet Privacy
Yahoo’s public confession entitled “Important Security Information for Yahoo Users”  about the August 2013 theft of “data associated with more than one billion user accounts” including “the stolen user account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions… Continue Reading

GUEST BLOG: Presidential Commission Report Highlights Cybersecurity Risks for lawyers!

Posted in Cyber, eCommerce
My Guest Blogger Eddie Block (CISSP, CIPM, CIPP/G, CISA, CEH) is a senior attorney in Gardere’s Litigation Group and member of the Cybersecurity and Privacy Legal Services Team who focuses on all aspects of information cyber security, including credentialing functions, firewall and IDS deployment and monitoring, and penetration testing, and related complex litigation. Law firms… Continue Reading

Cyber Legal Risks to Most Businesses since 55% of Senior Management Delegates Compliance

Posted in Cyber, eCommerce, Internet Access
PwC’s survey of over 800 Compliance Officers was “designed to give corporate compliance officers benchmarking data to help them understand common industry practices today and plan for more effective, more efficient compliance operations in the future.” The report entitled “PwC State of Compliance Study 2016” highlighted these legal risks to most businesses caused by lack… Continue Reading

GUEST BLOG: Watch Out for Cyber Threats while Shopping during the Holidays (THINK WIFI)!

Posted in Cyber, eCommerce
My Guest Blogger Eddie Block (CISSP, CIPM, CIPP/G, CISA, CEH) is a senior attorney in Gardere’s Litigation Group and member of the Cybersecurity and Privacy Legal Services Team who focuses on all aspects of information cyber security, including credentialing functions, firewall and IDS deployment and monitoring, and penetration testing, and related complex litigation. As we welcome… Continue Reading

Healthcare is the biggest target for Cyberattacks in 2017!

Posted in Cyber, eCommerce, Internet Privacy
Experian reported that the “healthcare sector may continue to be the focal point for hackers as medical identity theft remains lucrative and easy for cyber criminals to exploit.”  The November 28, 2016 report entitled “2017 Fourth Annual Data Breach Industry Forecast” included this takeaway advice: As attackers shift their focus, an increase in hospital breaches… Continue Reading

Cyber criminals will target IoT since by 2020 92% of all data will be in the cloud!

Posted in Cyber
Rest assured that cyber criminals read Cisco’s report that cloud usage will grow significantly based on the scope of “big data and associated Internet of Things” with expectations that cloud usage as of 2015 at about “3.9 zettabytes (ZB) per year…to 14.1 ZB per year by 2020.” The November 2016 Cisco report entitled “Cisco Global… Continue Reading

Guess what? Cyber threats are directed at ATMs!

Posted in Cyber, eCommerce
Business Insurance reported that “Cyber criminals have remotely attacked cash machines in more than a dozen countries across Europe this year, using malicious software that forces machines to spit out cash.”  The November 21, 2016 report entitled “Hackers target ATMs across Europe as cyber threat grows” cites Russian cyber security firm Group IB and Diebold… Continue Reading

About 75% of companies don’t have adequate Cyber Security Incident Response Plans (IRPs), so how Cyber Resilient is your Company? Or Law Firm?

Posted in Cyber, eCommerce
Of the 2,000 IT and IT security professionals surveyed by the Ponemon Institute “75% of respondents admit they do not have a formal cyber security incident response plan (CSIRP) that is applied consistently across the organization” and 51% rated cyber resilience as “very important or essential to achieving a strong security posture.”  The November 2016… Continue Reading

Artificial Intelligence (think IBM’s Watson) now directed to cybersecurity

Posted in Cyber
Infoworld reported that “IBM Security is currently in the middle of a year-long research project working with eight universities to help train Watson to tackle cybercrime.”  The November 15, 2016 article entitled “How IBM’s Watson will change cybersecurity” includes a reference to IBM’s Security Intelligence comments by Diana Kelley that “We need to make sure… Continue Reading

Hacker gets 45 months in jail for stealing encrypted personal data & launching cyber attacks

Posted in Cyber, Internet Access, Internet Privacy
A federal judge sentenced NullCrew hacker Timothy Justen French to prison for playing a “central role in an extensive, deliberate, and destructive hacking campaign that inflicted widespread and serious harm to businesses, governments, non-profits, and thousands of individuals”…which “cyber-attacks caused at least $792,000 in monetary loss to victim companies, universities and governmental bodies.” On… Continue Reading

The Cyber Underground and what you need to know about the DarkNet Marketplaces

Posted in Cyber, eCommerce
The US recently joined  Operation Hyperion to “share criminal intelligence and collaborate on operations to combat transnational crime” with the Five Eyes Law Enforcement Group (FELEG), an international coalition of law enforcement agencies from Australia, Canada, New Zealand, and the United Kingdom.  On November 1, 2016 the FBI issued its “A Primer on DarkNet Marketplaces… Continue Reading

BUSINESS ALERT: Cyberattacks are directed at ERP systems since they are difficult to secure

Posted in Cyber, IT Industry
Ponemon Institute issued a report after it “surveyed 607 IT and IT security practitioners who are involved in the security of SAP” and that 58% “of respondents rate the difficulty of securing SAP applications as high and 65 percent of respondents rate their level of concern about malware infections in the SAP infrastructure as very… Continue Reading

BLACK HAT SURVEY: Employee Training is in the top 5 ways to avoid hacking!

Posted in Cyber, IT Industry
Thycotic took a survey of 250+ hackers at the August 2016 Black Hat conference and reported that “77% say no password is safe from hackers—or the government” which is hardly surprising. The “Black Hat 2016: Hacker Survey Report” included these comments about training: Extend IT Security Awareness Training The weakest link in most organization’s security… Continue Reading

New Cyber rules for DOD contractors may be creating new problems!

Posted in Cyber
Law360 reported that many experts are concerned that “companies who share cybersecurity incident information with a DOD contractor will be considered a third-party beneficiary of the DOD, with the ability to sue if confidential information is leaked or stolen, but that offers little solace to those who have their information stolen.” The October 20, 2016… Continue Reading

Can the G7 really protect the financial world from cybercrime?

Posted in Cyber, eCommerce
Reuters reported that the Group of Seven (G7) industrial powers (Britain, Canada, France, Germany, Italy, Japan and the US) “agreed on guidelines for protecting the global financial sector from cyber attacks following a series of cross-border bank thefts by hackers.”  The October 11, 2016 report entitled “G7 sets common cyber-security guidelines for financial sector” included… Continue Reading

“Top Secret” Electronic Records Stolen by NSA Cybersecurity Contractor!

Posted in Cyber, eCommerce
The New York Times reported that a cybersecurity contractor for the NSA (National Security Agency) was arrested based on allegations that “he stole and disclosed highly classified computer code developed to hack into the networks of foreign governments.”  The October 6, 2016 article entitled “N.S.A. Contractor Arrested in Possible New Theft of  Secrets” reported that… Continue Reading

GUEST BLOG: Can the FTC control the privacy of the IoT (Internet of Things)?

Posted in Cyber, eCommerce, Internet Access
My Guest Blogger Eric Levy is a senior attorney in Gardere’s Trial Practice Group who focuses on cyber security, PCI compliance, PII, eCommerce, and related complex litigation. Apparently IoT is leading the FTC (Federal Trade Commission), the government watchdog of privacy, one step closer to broadening the scope of what it believes falls within the definition of “personally… Continue Reading

Very likely that the cyberattacks against Southwest & Delta were directed at your passenger data

Posted in Cyber, Internet Access
Darkreading reported that a recent cyber safety report to the Federal Aviation Administration (FAA) was based on a PriceWaterhouseCoopers’ survey of “85 percent of airline CEOs in the PwC survey cited cybersecurity as a major risk likely because of the very sensitive nature of passenger data and flight systems.”  The September 23, 2016 report in… Continue Reading

500 million Yahoo users compromised by cyberintrusion, but Yahoo doesn’t plan to provide credit monitoring!

Posted in Cyber, eCommerce
Reuters reported that Yahoo would likely not need to “provide them with credit monitoring services” even though Bob Lord (Yahoo’s CISO) posted “An Important Message About Yahoo User Security”: The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted… Continue Reading

$1 trillion will be spent on Cybersecurity in the next 5 years!

Posted in Cyber, Internet Access
CSO recently predicted “a major uptick in cyber spending — to the tune of 12 to 15 percent year-over-year growth through 2021” in an article entitled “Cybersecurity spending outlook: $1 trillion from 2017 to 2021” which included these comments from the SANS Institute which were presented in February 2016: Tracking security-related budget and cost line… Continue Reading

Cyber criminals recognize security weakness at LinkedIn, Facebook, and Twitter

Posted in Cyber, eCommerce
Darkreading recently reported that LinkedIn confessed that “We don’t have a reliable system for identifying and counting duplicate or fraudulent accounts” and that “cyber criminals now weaponize social media sites and their data, leading to some of the biggest data breaches over the last few years.” The September 6, 2016 article entitled “Why Social Media… Continue Reading

Cyber Pain Points: Failure to get buy-in for Incident Response Plan (IRP) in the top 10!

Posted in Cyber, IT Industry
A recent report indicated that IRPs “are frequently developed from within departmental silos, for example, within the organization’s IT security function, and do not address the considerations of business units or cross functional areas needed to coordinate and operate together during a response. This not only leads to an uncoordinated response effort, but discourages buy-in… Continue Reading