Internet, Information Technology & e-Discovery Blog

Internet, Information Technology & e-Discovery Blog

Social changes brought about by the Internet & Technology

Category Archives: Cyber

Subscribe to Cyber RSS Feed

What took the SEC so long to adopt Cybersecurity Disclosure requirements?

Posted in Cyber
The Securities and Exchange Commission (SEC) Chairman Jay Clayton announced the SEC’s approval of the “Commission Statement and Guidance on Public Company Cybersecurity Disclosures” under which “the disclosure requirements under the federal securities laws that public operating companies must pay particular attention to when considering their disclosure obligations with respect to cybersecurity risks and incidents.” … Continue Reading

Cybersecurity threats targeted at State elections?

Posted in Cyber, Internet Privacy
The Washington Post wrote an article that “State officials have been scrambling to address vulnerabilities in their systems, particularly since the fall, when the Department of Homeland Security disclosed the attempts on the 21 states. Though it is not believed there were further attacks, experts say Russian operatives may have been laying the groundwork for… Continue Reading

New US Attorney has extensive Cybersecurity experience!

Posted in Cyber
TexasLawyer.com recently interviewed Erin Nealy Cox (US Attorney for the Northern District of Texas since November 2017) who described her  “…expertise in cybersecurity will help me identify and communicate the threats to the affected communities so they can understand and craft solutions needed to defend themselves; and it will help me ensure that my prosecutors… Continue Reading

Watch Out! Cyberattack scams the FBI impersonating the Internet Complaint Center (IC3)!

Posted in Cyber, eCommerce
Darkreading reports that there has been a new cyberattack at the FBI Internet Crime Complaint Center (IC3) which “scams people into providing personal data and downloading malicious files by impersonating the”… IC3…which is “intended to give the public a reliable means of reporting suspected illegal activity online.”  The February 2, 2018 report entitled “Cyberattack Impersonates… Continue Reading

Cybersecurity Software: Kaspersky Lab filed a lawsuit against US government to enjoin federal ban!

Posted in Cyber, E-Discovery
Darkreading reported that Kaspersky Lab’s filed a motion for injunctive relief against the Department of Homeland Security’s ban which has “caused considerable reputational damage and loss of sales to the company in North America. The debarment has precluded Kaspersky Lab from doing business with the US federal government, while hurting its consumer and commercial business… Continue Reading

Did you know that Artificial Intelligence (“AI” aka Machine Learning “ML”) is critical in Cybersecurity?

Posted in Cyber, eCommerce
Darkreading’s recent article identified goals of using ML in Cybersecurity “To make a broad statement, we are trying to use ML to identify malicious behavior or malicious entities; call them hackers, attackers, malware, unwanted behavior, etc. In other words, it comes down to finding anomalies.”  The January 11, 2018 article entitled “AI in Cybersecurity: Where… Continue Reading

You don’t want to hear this – Chip makers confess that every computer in the world is at cyber risk!

Posted in Cyber, eCommerce, IT Industry
Every single computer (including cells, tablets, PCs, & servers) has a Central Processing Unit (CPU) made by Intel, AMD, & ARM and security experts found “two problems, called Meltdown and Spectre, could allow hackers to steal the entire memory contents of computers, including mobile devices, personal computers and servers running in so-called cloud computer networks.” … Continue Reading

Of course, testing is 1 of the 5 easy steps to beat Ransomware!

Posted in Cyber
Unitrends issued a white paper which stated that “the truth is that all industries are vulnerable to ransomware. Email, databases and business applications run on similar infrastructure and operating systems across all industries.”  The white paper was entitled “Beat Ransomware in 5 Easy Steps, Be Prepared to Fight or Be Prepared to Pay” included these… Continue Reading

Note to Ransomware Criminals – North Carolina Counties will not pay ransom…so go elsewhere!

Posted in Cyber, eCommerce
The New York Times reported that Mecklenburg County, North Carolina (which includes the city of Charlotte) refused to “pay a $23,000 ransom to a group of hackers who seized control of several government computer systems” and the County was operating without “the internet, civil servants were doing their jobs using “paper processes.””  The December 6,… Continue Reading

Are you kidding me? Only 15% of US companies have insurance for their data!

Posted in Cyber, eCommerce
One might conclude it makes a lot of sense to insure business data after considering Tableau’s report that included Ponemon’s estimate that the “average total cost of a data breach was estimated at $3.62 million.”  The December 2017 report entitled “2018 Top 10 Business Intelligence Trends” included the #5 Rise of the Chief Data Officer… Continue Reading

Uber paid a ransom to hackers who stole 57 million Uber records last year!

Posted in Cyber, eCommerce
The New York Times reported that Uber fired it security officer after “two hackers stole data about the company’s riders and drivers — including phone numbers, email addresses and names — from a third-party server and then approached Uber and demanded $100,000 to delete their copy of the data.” The November 21, 2017 report entitled… Continue Reading

FBI recommends two-factor authentication & training to thwart Spearphishing!

Posted in Cyber, eCommerce, Uncategorized
Among a number of recommendations to avoid Spearphishing (aka Business Email Compromise – BEC) the FBI recommends that “employees to use two-factor authentication to access corporate e-mail accounts.” The November 14, 2017 FBI News Report entitled “FBI Tech Tuesday—Digital Defense Against Business E-mail Compromises” included this advice about training employees to: watch for suspicious requests,… Continue Reading

100% of businesses affected by mobile malware (think BYOD)!

Posted in Cyber, eCommerce
Darkreading reported that every “business with BYOD and corporate mobile device users across the globe has been exposed to mobile malware.”  The November 17, 2017 report entitled “Mobile Malware Incidents Hit 100% of Businesses” included these comments: …BYOD devices are usually more susceptible to attack than corporate devices because they are not managed by such… Continue Reading

Whoa! Did you know that Equifax claims to own your data?

Posted in Cyber, eCommerce, Internet Privacy
In testimony before the US Senate we hear that “Equifax, and not consumers, that owns all the granular data collected about them, and that consumers cannot request to exit the company’s files.”  The Washington Post’s report on November 8, 2017 entitled “Equifax says it owns all its data about you” started with the comment that… Continue Reading

Think twice before relying on search engine results since they may have MALWARE links!

Posted in Cyber, eCommerce
Darkreading reported that criminals are “using Search Engine Optimization (SEO) to populate search results with malicious links and distribute the Zeus Panda Banking Trojan through a compromised Word document.”  The November 3, 2017 article entitled “Hackers Poison Google Search Results to Deliver Zeus Panda” included these comments: SEO enables hackers to make their links more… Continue Reading

Watch out!! “Mobile Messaging Apps” are the new home for the Dark Web!

Posted in Cyber
Darkreading reported that “mobile messaging apps are rising in favor as the newest Dark Web alternatives that crooks have landed upon to do business with one another.”   The October 26, 2017 report entitled “Dark Web Marketplaces’ New Home: Mobile Messaging Apps”  has the subtitle “Telegram, Discord, Whatsapp grow in popularity as criminals look for more… Continue Reading

Over 1 billion views of RT (Russian News channel) on YouTube since 2013!

Posted in Cyber
The New York Times report is about “723 Internet Years Old” (think 4 human years) that a YouTube VP joined a state-backed Russian news channel “RT anchor in a studio, where he praised RT for bonding with viewers by providing “authentic” content instead of “agendas or propaganda.””  The October 23, 2017 report entitled “Russia’s Favored… Continue Reading

Did Facebook delete Russian bought ads because of a bug?

Posted in Cyber
The Washington Post wrote that Facebook “it has merely corrected a “bug” that allowed [Jonathan] Albright, who is research director of the Tow Center for Digital Journalism at Columbia University, to access information he never should have been able to find in the first place.”  The October 12, 2017 article entitled “Facebook takes down data… Continue Reading

Google confesses that Russia bought Google Search and YouTube ads to influence the 2016 election!

Posted in Cyber
The Washington Post reported that Google admitted that it “found that tens of thousands of dollars were spent on ads by Russian agents who aimed to spread disinformation across Google’s many products, which include YouTube, as well as advertising associated with Google search, Gmail, and the company’s DoubleClick ad network.” The October 9, 2017 report… Continue Reading

Do you trust Equifax? Apparently IRS believes a new $7.25 million contract with Equifax is a good idea!

Posted in Cyber, eCommerce
Gizmodo reported that IRS supports its new $7.25 million contract with Equifax as a “no bid sole source” contract “to help verify US taxpayers’ identities” …and without which “would have prevented thousands of hurricane victims from obtaining much needed…. tax information.”  The October 5, 2017 story entitled “IRS Chief Says Aborting Equifax Contract Could Harm… Continue Reading

Surprised? Equifax learned about its cyber exposure in March, but failed to do anything!

Posted in Cyber, eCommerce
Rueters reported that former Equifax CEO Richard Smith (who retired suddenly last week) provided written testimony that “Equifax was alerted to the breach by the U.S. Homeland Security Department on March 9,…, but it was not patched.”  The October 2, 2017 report entitled “Equifax failed to patch security vulnerability in March: former CEO” included these… Continue Reading

GUEST BLOG: Will cyber disasters finally be the reason that IT folks learn to speak English rather than Geek Talk (think Technology)?

Posted in Cyber, IT Industry
My Guest Blogger Eddie Block (CISSP, CIPM, CIPP/G, CISA, CEH) is a senior attorney in Gardere’s Litigation Group and member of the Cybersecurity and Privacy Legal Services Team who focuses on all aspects of information cyber security, including credentialing functions, firewall and IDS deployment and monitoring, and penetration testing, and related complex litigation.  Eddie blogs at JurisHacker. For many years… Continue Reading

Poor cyber security equals +1.9 billion records exposed in the first 6 months of 2017!

Posted in Cyber
Gemalto issued a report that “identity theft breaches continues to remain high and result in many records being stolen shows that organizations are still not adequately addressing this threat.” The September 2017 report entitled “2017 Poor Internal Security Practices Take a Toll” included these comments: A large portion of accidental loss are the result of… Continue Reading

GUEST BLOG: Are you surprised to hear that Equifax’s security chief doesn’t have a degree in technology, rather majored in music?

Posted in Cyber, IT Industry
My Guest Blogger Eddie Block (CISSP, CIPM, CIPP/G, CISA, CEH) is a senior attorney in Gardere’s Litigation Group and member of the Cybersecurity and Privacy Legal Services Team who focuses on all aspects of information cyber security, including credentialing functions, firewall and IDS deployment and monitoring, and penetration testing, and related complex litigation.  Eddie blogs at JurisHacker. What qualifies a… Continue Reading