Internet, Information Technology & e-Discovery Blog

Internet, Information Technology & e-Discovery Blog

Social changes brought about by the Internet & Technology

Category Archives: Cyber

Subscribe to Cyber RSS Feed

Of course, testing is 1 of the 5 easy steps to beat Ransomware!

Posted in Cyber
Unitrends issued a white paper which stated that “the truth is that all industries are vulnerable to ransomware. Email, databases and business applications run on similar infrastructure and operating systems across all industries.”  The white paper was entitled “Beat Ransomware in 5 Easy Steps, Be Prepared to Fight or Be Prepared to Pay” included these… Continue Reading

Note to Ransomware Criminals – North Carolina Counties will not pay ransom…so go elsewhere!

Posted in Cyber, eCommerce
The New York Times reported that Mecklenburg County, North Carolina (which includes the city of Charlotte) refused to “pay a $23,000 ransom to a group of hackers who seized control of several government computer systems” and the County was operating without “the internet, civil servants were doing their jobs using “paper processes.””  The December 6,… Continue Reading

Are you kidding me? Only 15% of US companies have insurance for their data!

Posted in Cyber, eCommerce
One might conclude it makes a lot of sense to insure business data after considering Tableau’s report that included Ponemon’s estimate that the “average total cost of a data breach was estimated at $3.62 million.”  The December 2017 report entitled “2018 Top 10 Business Intelligence Trends” included the #5 Rise of the Chief Data Officer… Continue Reading

Uber paid a ransom to hackers who stole 57 million Uber records last year!

Posted in Cyber, eCommerce
The New York Times reported that Uber fired it security officer after “two hackers stole data about the company’s riders and drivers — including phone numbers, email addresses and names — from a third-party server and then approached Uber and demanded $100,000 to delete their copy of the data.” The November 21, 2017 report entitled… Continue Reading

FBI recommends two-factor authentication & training to thwart Spearphishing!

Posted in Cyber, eCommerce, Uncategorized
Among a number of recommendations to avoid Spearphishing (aka Business Email Compromise – BEC) the FBI recommends that “employees to use two-factor authentication to access corporate e-mail accounts.” The November 14, 2017 FBI News Report entitled “FBI Tech Tuesday—Digital Defense Against Business E-mail Compromises” included this advice about training employees to: watch for suspicious requests,… Continue Reading

100% of businesses affected by mobile malware (think BYOD)!

Posted in Cyber, eCommerce
Darkreading reported that every “business with BYOD and corporate mobile device users across the globe has been exposed to mobile malware.”  The November 17, 2017 report entitled “Mobile Malware Incidents Hit 100% of Businesses” included these comments: …BYOD devices are usually more susceptible to attack than corporate devices because they are not managed by such… Continue Reading

Whoa! Did you know that Equifax claims to own your data?

Posted in Cyber, eCommerce, Internet Privacy
In testimony before the US Senate we hear that “Equifax, and not consumers, that owns all the granular data collected about them, and that consumers cannot request to exit the company’s files.”  The Washington Post’s report on November 8, 2017 entitled “Equifax says it owns all its data about you” started with the comment that… Continue Reading

Think twice before relying on search engine results since they may have MALWARE links!

Posted in Cyber, eCommerce
Darkreading reported that criminals are “using Search Engine Optimization (SEO) to populate search results with malicious links and distribute the Zeus Panda Banking Trojan through a compromised Word document.”  The November 3, 2017 article entitled “Hackers Poison Google Search Results to Deliver Zeus Panda” included these comments: SEO enables hackers to make their links more… Continue Reading

Watch out!! “Mobile Messaging Apps” are the new home for the Dark Web!

Posted in Cyber
Darkreading reported that “mobile messaging apps are rising in favor as the newest Dark Web alternatives that crooks have landed upon to do business with one another.”   The October 26, 2017 report entitled “Dark Web Marketplaces’ New Home: Mobile Messaging Apps”  has the subtitle “Telegram, Discord, Whatsapp grow in popularity as criminals look for more… Continue Reading

Over 1 billion views of RT (Russian News channel) on YouTube since 2013!

Posted in Cyber
The New York Times report is about “723 Internet Years Old” (think 4 human years) that a YouTube VP joined a state-backed Russian news channel “RT anchor in a studio, where he praised RT for bonding with viewers by providing “authentic” content instead of “agendas or propaganda.””  The October 23, 2017 report entitled “Russia’s Favored… Continue Reading

Did Facebook delete Russian bought ads because of a bug?

Posted in Cyber
The Washington Post wrote that Facebook “it has merely corrected a “bug” that allowed [Jonathan] Albright, who is research director of the Tow Center for Digital Journalism at Columbia University, to access information he never should have been able to find in the first place.”  The October 12, 2017 article entitled “Facebook takes down data… Continue Reading

Google confesses that Russia bought Google Search and YouTube ads to influence the 2016 election!

Posted in Cyber
The Washington Post reported that Google admitted that it “found that tens of thousands of dollars were spent on ads by Russian agents who aimed to spread disinformation across Google’s many products, which include YouTube, as well as advertising associated with Google search, Gmail, and the company’s DoubleClick ad network.” The October 9, 2017 report… Continue Reading

Do you trust Equifax? Apparently IRS believes a new $7.25 million contract with Equifax is a good idea!

Posted in Cyber, eCommerce
Gizmodo reported that IRS supports its new $7.25 million contract with Equifax as a “no bid sole source” contract “to help verify US taxpayers’ identities” …and without which “would have prevented thousands of hurricane victims from obtaining much needed…. tax information.”  The October 5, 2017 story entitled “IRS Chief Says Aborting Equifax Contract Could Harm… Continue Reading

Surprised? Equifax learned about its cyber exposure in March, but failed to do anything!

Posted in Cyber, eCommerce
Rueters reported that former Equifax CEO Richard Smith (who retired suddenly last week) provided written testimony that “Equifax was alerted to the breach by the U.S. Homeland Security Department on March 9,…, but it was not patched.”  The October 2, 2017 report entitled “Equifax failed to patch security vulnerability in March: former CEO” included these… Continue Reading

GUEST BLOG: Will cyber disasters finally be the reason that IT folks learn to speak English rather than Geek Talk (think Technology)?

Posted in Cyber, IT Industry
My Guest Blogger Eddie Block (CISSP, CIPM, CIPP/G, CISA, CEH) is a senior attorney in Gardere’s Litigation Group and member of the Cybersecurity and Privacy Legal Services Team who focuses on all aspects of information cyber security, including credentialing functions, firewall and IDS deployment and monitoring, and penetration testing, and related complex litigation.  Eddie blogs at JurisHacker. For many years… Continue Reading

Poor cyber security equals +1.9 billion records exposed in the first 6 months of 2017!

Posted in Cyber
Gemalto issued a report that “identity theft breaches continues to remain high and result in many records being stolen shows that organizations are still not adequately addressing this threat.” The September 2017 report entitled “2017 Poor Internal Security Practices Take a Toll” included these comments: A large portion of accidental loss are the result of… Continue Reading

GUEST BLOG: Are you surprised to hear that Equifax’s security chief doesn’t have a degree in technology, rather majored in music?

Posted in Cyber, IT Industry
My Guest Blogger Eddie Block (CISSP, CIPM, CIPP/G, CISA, CEH) is a senior attorney in Gardere’s Litigation Group and member of the Cybersecurity and Privacy Legal Services Team who focuses on all aspects of information cyber security, including credentialing functions, firewall and IDS deployment and monitoring, and penetration testing, and related complex litigation.  Eddie blogs at JurisHacker. What qualifies a… Continue Reading

Oops! Malware distributed with antivirus software to more than 2.27 million users!

Posted in Cyber
My good friend Kevin Campbell (SVP/CIO at Hunt Consolidated, Inc.) shared this bad news that “Antivirus firm Avast has admitted inadvertently distributing a trojanised version of CCleaner, a popular PC tune-up tool, for nearly a month, infecting an estimated 2.27 million users.”  This news was reported by The Register on September 18, 2017 entitled “Downloaded… Continue Reading

GUEST BLOG: Neither Rain, nor Sleet, nor Dark of Night Shall Stay the Application of HIPAA Regulations…

Posted in Cyber, Internet Privacy
My Guest Blogger Eric Levy is a senior attorney in Gardere’s Trial Practice Group who focuses on HIPAA, PHI, cyber security, PCI compliance, PII, eCommerce, and related complex contract negotiations and litigation. Eric has received the Certified Information Privacy Professional (CIPP-US) designation from the International Association of Privacy Professionals (“IAPP”). It is beyond dispute that Hurricanes… Continue Reading

Equifax confessed that it failed to protect personal data of 143+MILLION CUSTOMERS!

Posted in Cyber, eCommerce, Internet Privacy
The New York Times reported “that hackers had gained access to company data that potentially compromised sensitive information for 143 million American consumers, including Social Security numbers and driver’s license numbers.”  The September 7, 2017 report entitled “Equifax Says Cyberattack May Have Affected 143 Million Customers” included the bad news: Potentially adding to criticism of… Continue Reading

Yahoo loses a court battle and a class action will proceed for massive cyber breaches in 2013-16!

Posted in Cyber
Reuters reported that “Yahoo must face nationwide litigation brought on behalf of well over 1 billion users who said their personal information was compromised in three massive data breaches.” On August 30, 2017 US District Judge Lucy Koh (Northern District of California- San Jose) in the case of In Re: Yahoo! Inc. Customer Data Security… Continue Reading

Less than 50% US businesses have cyber insurance, so what can they do to avoid a cyber disasters?

Posted in Cyber
Darkreading reported “some organizations refuse to buy cyber insurance out of the misguided notion that they don’t “need” to worry about being hacked, this mindset isn’t entirely at fault….many enterprises have been left high and dry by cyber-insurance policies that didn’t fully protect them after a major cyber attack.” The August 21, 2017 article entitled… Continue Reading

Watch out! ‘Fancy Bear’ may be ready to steal your data while using hotel wifi!

Posted in Cyber, Internet Access
Wired reported about a “Russian espionage campaign has used those Wi-Fi networks to spy on high-value hotel guests, and recently started using a leaked NSA hacking tool to upgrade their attacks.” Wired’s August 11, 2017 report was entitled “Russia’s ‘Fancy Bear’ Hackers Used Leaked NSA Tool to Target Hotel Guests” which included FireEye’s report that:… Continue Reading

Here’s a good idea – don’t agree to cloud Click Agreements because the cloud is such a huge target for cybercriminals!

Posted in Cyber, E-Discovery, eCommerce
More businesses should use lawyers that understand how to negotiation cloud agreements because the Click Agreement don’t provide all necessary legal requirements given Cisco’s report that “The cloud is a whole new frontier for hackers, and they are exploring its potential as an attack vector in earnest…They also recognize that they can infiltrate connected systems… Continue Reading