Category Archives: Cyber

Subscribe to Cyber RSS Feed

Are ATMs safe? Probably not since Black Box ATM attacks are mounting which is costing banks millions!

Bankinfosecurity.com report that “Fraudsters are now gingerly testing the waters in central and Western Europe with attacks that drain cash machines of their funds, according to a trade group that studies criminal activity around ATMs.”  The April 18, 2018 report entitled “No Card Required: ‘Black Box’ ATM Attacks Move Into Europe” included these statistics: The … Continue reading this entry

71% of US federal agencies have reported Cybersecurity breaches!

Darkreading.com reported that “Federal agencies must protect sensitive data and both thwart bad guys hunting for citizens’ private data and nation-state hackers with their own agendas — in addition to grappling with perennial underfunding, understaffing, and antiquated systems that commercial enterprises tossed into the dumpster years ago. At the same time, they need to make … Continue reading this entry

IBM Cybersecurity teams with Willis Towers Watson

Willis Towers Watson “a leading global advisory, broking and solutions company that helps clients around the world turn risk into a path for growth. With roots dating to 1828, Willis Towers Watson has 40,000 employees serving more than 140 countries..”announced “an expansion of the company’s global advisory services aimed at addressing risk related to cybersecurity.” … Continue reading this entry

Don’t trust public Wifi is one of 5 ways to avoid fraud this tax season!

Darkreading.com reported very bad news about tax season fraud that “Sixty days into the 2017 tax season, that same preparer had 1.5 million user authentication attempts with more than 28,700 of them being either denied access or asked for more authentication.”  The April 6, 2018 reported entitled “Protect Yourself from Online Fraud This Tax Season” … Continue reading this entry

Cyber, Privacy & IT Law at the new Foley Gardere

I’m happy to announce that I will continue my Cyber, Privacy & IT trial and transactional law practice as a member of Foley Gardere’s Privacy, Security & Information Management Practice Group after the April 1st merger announcement “Foley & Lardner LLP and Gardere Wynne Sewell LLP Announce Combination” and Foley Gardere as a combined firm: … Continue reading this entry

No surprise - Cyber attacks directed at Cryptocurrency!

Darkreading.com reported that Web injects have led to “recent evidence of threat actors using Web injects to target cryptocurrency exchange Coinbase and Bitcoin wallet Blockchain.info.”  The March 22, 2018 article entitled “Criminals Using Web Injects to Steal Cryptocurrency” included this description of Web injects: Web injects is basically code for injecting malicious content into a … Continue reading this entry

Mark Zuckerberg requested to testify to Congress about Facebook/Cambridge Analytica Privacy

The Washington Post reported that there was an official request for Mark Zuckerberg to testify at the House Energy and Commerce Committee since the Committee believes the “CEO of Facebook, he is the right witness to provide answers to the American people. We look forward to working with Facebook and Mr. Zuckerberg to determine a … Continue reading this entry

Cyberintrusions by Russia put US power infrastructure in jeopardy!

The Washington Post reported that “Since at least March 2016… Russian hackers have ‘targeted U.S. government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors.’”  The March 16, 2018 report entitled “Why Russian hackers aren’t poised to plunge the United States into darkness” includes this … Continue reading this entry

Yahoo’s ToS limitations of liabilities challenged in Cyberbreach of 3 billion users!

Reuters reported that Judge Lucy Kohl ruled that “the plaintiffs could try to show that liability limits in Yahoo’s terms of service were “unconscionable,” given the allegations that Yahoo knew its security was deficient but did little.” The March 12, 2018 article entitled “Data breach victims can sue Yahoo in the United States” included these … Continue reading this entry

Tax phishing attacks leads to theft of millions of passwords at Office365 (think Microsoft)!

Darkreading.com reported a “new wave of phishing attacks aims to dupe users and steal their passwords by disguising malicious emails as tax-related notifications from the IRS.” The March 2, 2018 report entitled “Millions of Office 365 Accounts Hit with Password Stealers” included these comments: Barracuda Networks last month flagged a “critical alert” when it detected … Continue reading this entry

Equifax only had $75M in cybersecurity insurance but expect claims of at least $275M!

Reuters reported that Equifax’s 2017 cyber incident where +147M consumers’ data was stolen included “costs mainly reflect technology and data security upgrades, legal fees, and free identity theft protection and credit monitoring offered to the more than 147 million consumers affected by the cyber security incident.”  The March 2, 2018 report entitled “Equifax expects $200 … Continue reading this entry

What took the SEC so long to adopt Cybersecurity Disclosure requirements?

The Securities and Exchange Commission (SEC) Chairman Jay Clayton announced the SEC’s approval of the “Commission Statement and Guidance on Public Company Cybersecurity Disclosures” under which “the disclosure requirements under the federal securities laws that public operating companies must pay particular attention to when considering their disclosure obligations with respect to cybersecurity risks and incidents.”  … Continue reading this entry

Cybersecurity threats targeted at State elections?

The Washington Post wrote an article that “State officials have been scrambling to address vulnerabilities in their systems, particularly since the fall, when the Department of Homeland Security disclosed the attempts on the 21 states. Though it is not believed there were further attacks, experts say Russian operatives may have been laying the groundwork for … Continue reading this entry

New US Attorney has extensive Cybersecurity experience!

TexasLawyer.com recently interviewed Erin Nealy Cox (US Attorney for the Northern District of Texas since November 2017) who described her  “…expertise in cybersecurity will help me identify and communicate the threats to the affected communities so they can understand and craft solutions needed to defend themselves; and it will help me ensure that my prosecutors … Continue reading this entry

Watch Out! Cyberattack scams the FBI impersonating the Internet Complaint Center (IC3)!

Darkreading reports that there has been a new cyberattack at the FBI Internet Crime Complaint Center (IC3) which “scams people into providing personal data and downloading malicious files by impersonating the”… IC3…which is “intended to give the public a reliable means of reporting suspected illegal activity online.”  The February 2, 2018 report entitled “Cyberattack Impersonates … Continue reading this entry

Cybersecurity Software: Kaspersky Lab filed a lawsuit against US government to enjoin federal ban!

Darkreading reported that Kaspersky Lab’s filed a motion for injunctive relief against the Department of Homeland Security’s ban which has “caused considerable reputational damage and loss of sales to the company in North America. The debarment has precluded Kaspersky Lab from doing business with the US federal government, while hurting its consumer and commercial business … Continue reading this entry

Did you know that Artificial Intelligence (“AI” aka Machine Learning “ML”) is critical in Cybersecurity?

Darkreading’s recent article identified goals of using ML in Cybersecurity “To make a broad statement, we are trying to use ML to identify malicious behavior or malicious entities; call them hackers, attackers, malware, unwanted behavior, etc. In other words, it comes down to finding anomalies.”  The January 11, 2018 article entitled “AI in Cybersecurity: Where … Continue reading this entry

You don’t want to hear this - Chip makers confess that every computer in the world is at cyber risk!

Every single computer (including cells, tablets, PCs, & servers) has a Central Processing Unit (CPU) made by Intel, AMD, & ARM and security experts found “two problems, called Meltdown and Spectre, could allow hackers to steal the entire memory contents of computers, including mobile devices, personal computers and servers running in so-called cloud computer networks.”  … Continue reading this entry

Of course, testing is 1 of the 5 easy steps to beat Ransomware!

Unitrends issued a white paper which stated that “the truth is that all industries are vulnerable to ransomware. Email, databases and business applications run on similar infrastructure and operating systems across all industries.”  The white paper was entitled “Beat Ransomware in 5 Easy Steps, Be Prepared to Fight or Be Prepared to Pay” included these … Continue reading this entry

Note to Ransomware Criminals – North Carolina Counties will not pay ransom…so go elsewhere!

The New York Times reported that Mecklenburg County, North Carolina (which includes the city of Charlotte) refused to “pay a $23,000 ransom to a group of hackers who seized control of several government computer systems” and the County was operating without “the internet, civil servants were doing their jobs using “paper processes.””  The December 6, … Continue reading this entry

Are you kidding me? Only 15% of US companies have insurance for their data!

One might conclude it makes a lot of sense to insure business data after considering Tableau’s report that included Ponemon’s estimate that the “average total cost of a data breach was estimated at $3.62 million.”  The December 2017 report entitled “2018 Top 10 Business Intelligence Trends” included the #5 Rise of the Chief Data Officer … Continue reading this entry

Uber paid a ransom to hackers who stole 57 million Uber records last year!

The New York Times reported that Uber fired it security officer after “two hackers stole data about the company’s riders and drivers — including phone numbers, email addresses and names — from a third-party server and then approached Uber and demanded $100,000 to delete their copy of the data.” The November 21, 2017 report entitled … Continue reading this entry

FBI recommends two-factor authentication & training to thwart Spearphishing!

Among a number of recommendations to avoid Spearphishing (aka Business Email Compromise – BEC) the FBI recommends that “employees to use two-factor authentication to access corporate e-mail accounts.” The November 14, 2017 FBI News Report entitled “FBI Tech Tuesday—Digital Defense Against Business E-mail Compromises” included this advice about training employees to: watch for suspicious requests, … Continue reading this entry

100% of businesses affected by mobile malware (think BYOD)!

Darkreading reported that every “business with BYOD and corporate mobile device users across the globe has been exposed to mobile malware.”  The November 17, 2017 report entitled “Mobile Malware Incidents Hit 100% of Businesses” included these comments: …BYOD devices are usually more susceptible to attack than corporate devices because they are not managed by such … Continue reading this entry