Cybersecurity

Subscribe to Cybersecurity

Seyfarth Shaw LLP is pleased to be a Global Sponsor at ITechLaw’s 2018 World Technology Conference in Seattle, May 16-18.

Fairmont Olympic Hotel
411 University Street
Seattle, WA 98101

ITechLaw is a not-for-profit organization established to inform and educate lawyers about the unique legal issues arising from the evolution, production, marketing, acquisition and use of information and communications technology.

The World Conference will feature a wide-ranging program and invaluable networking opportunities that will focus on cutting-edge legal topics and will provide practical insight into the latest developments in technology law.

This year, Seyfarth Shaw Partner Robert B. Milligan is on ITechLaw’s Board of Directors and is the Co-Chair of the Local Representative Committee. Seyfarth Shaw Partner Eric Barton will be on a panel for the “Cyber Vulnerabilities & Crime” session on Friday. This session will focus on a broad range of issues influenced by the vulnerability of today’s data, including the protection of data in Russia, handling an online crisis, ransomware, and protecting IP. Seyfarth Shaw Partner Daniel Hart is also scheduled to attend and participate at the conference.

Please stop by our table during the conference to learn about our Intellectual Property, Corporate, Global Privacy & Security, and Trade Secrets, Computer Fraud & Non-Competes Practice Groups.

For more information click here: https://www.itechlaw.org/seattle2018

To develop consensus and non-partisan principles for best practices in managing trade secret litigation and well-vetted recommendations for consideration in protecting trade secrets, recognizing that every organization, both large and small, has and uses trade secrets; that trade secret disputes frequently intersect with other important public policies such as employee mobility and international trade; and that trade secret disputes are litigated in both state and federal courts.

Robert Milligan, Seyfarth Partner and Co-Chair of the Trade Secrets, Computer Fraud, and Non-Competes Practice Group, is an inaugural member of the WG12 Steering Committee, which consists of experts in the trade secret issues. Continue Reading Robert Milligan on the Inaugural Steering Committee of the Sedona Conference’s New Working Group 12 on Trade Secrets

Continuing our annual tradition, we present the top developments/headlines for 2017/2018 in trade secret, computer fraud, and non-compete law.

1. Notable Defend Trade Secrets Act Developments

Just two years after its enactment, the Defend Trade Secrets Act (“DTSA”) continues to be one of the most significant and closely followed developments in trade secret law. The statute provides for a federal civil cause of action for trade secret theft, protections for whistleblowers, and new remedies (e.g., ex parte seizure of property), that were not previously available under state trade secret laws. Continue Reading Top Developments/Headlines in Trade Secret, Computer Fraud, and Non-Compete Law in 2017/2018

As a special feature of our blog—special guest postings by experts, clients, and other professionals—please enjoy this blog entry from Jonathan Karchmer, a senior managing consultant at iDiscovery Solutions.

Determining whether programs or malware actually ran on a system is an important goal of seasoned examiners when investigating computer evidence. Generally, there are several artifacts left behind anytime executables are run—regardless of whether the program is Outlook, Chrome, or something malicious. Today we’ll cover some artifacts we encounter on Windows systems. Continue Reading Locating Digital Breadcrumbs: Programs Can Run, But They Can’t Hide

The use of open file sharing platforms in business continues to increase in 2017; Dropbox alone has over 200,000 active business accounts. Unfortunately, the convenience of these platforms and the increase in use by businesses attracts the attention of hackers as well. File sharing platforms and accounts have a high “hack value”—the overall value of the accounts on the dark web—due to the relative ease with which account can be obtained and the sensitivity of the information stored on these platforms.

The risk associated with the use of file share platforms is twofold. First, company supported file share is attractive to attackers because it is guaranteed to contain sensitive information. Second, file share platforms available to employees outside of the company—e.g. the employee Google Drive account—may be used to store company information, but likely do not use the same security standards as those enforced by the company. Attacks on file share platforms are also very real. In August of 2016 Dropbox forced users to reset their passwords based on a breach—60 million account credentials compromised—that had been discovered but was executed four years earlier in 2012. Continue Reading File Share Platforms and Business Risk

shutterstock_594829253As a special feature of our blog—special guest postings by experts, clients, and other professionals—please enjoy this blog entry from Supreet Singh, a senior consultant at iDiscovery Solutions, Inc. 

It’s hard to believe the first smartphone was released over 20 years ago. At that time, few thought it would become such an integral part of our lives. Additionally, this year marks the 10th anniversary of the iPhone and its introduction altered the world of digital forensics. Smartphones contain a wealth of personal and sensitive information like passwords, security or access codes, account numbers, electronic communications, and much more. But they are more than mere containers of data. Between the operating system, installed applications, and service providers, there’s a wealth of information that can provide dramatic insight into conversations, activities, habits, preferences, and movements of the phone’s user.

There are essentially three places where smartphone related data can be found: on the phone itself, with mobile app providers (e.g. Facebook, Snapchat, or Yelp), and with the service provider (e.g. AT&T or Verizon). Data from all three sources can be very useful in civil lawsuits, criminal cases, or internal investigations, depending on the needs of the case. Continue Reading The Smartphone: A Treasure Trove of Evidence in Trade Secret Cases

shutterstock_437170435As a special feature of our blog—special guest postings by experts, clients, and other professionals—please enjoy this blog entry from Charlie Platt, a director at iDiscovery Solutions and a Certified Ethical Hacker. He advises clients on data analytics, digital forensics, and cybersecurity.

These days cybersecurity seems to be all about technology. Pen testing, firewalls, port scanning, SIEM, zero-day, IPS, AES256, SHA, DMZ, NIDS, TLS, SS7 – I’ll stop. I could go on, but you get the idea. And I have a vested interest in keeping your attention.

Acronyms and geek-speak abound, and we are ever on the lookout for the next latest and greatest technical solution to secure our digital assets. Unfortunately, that perfect technical solution doesn’t exist and never will. How can I be so sure? Because no matter how well built, or how well thought out our technical solution may be, humans are involved. When humans are involved, they will be the weakest link, and we can’t (yet) re-engineer humans with a technical solution. Continue Reading Technically Speaking, Cybersecurity Isn’t About Speaking Technically

shutterstock_617698010As a special feature of our blog—special guest postings by experts, clients, and other professionals—please enjoy this blog entry from Charlie Platt, a director at iDiscovery Solutions and a Certified Ethical Hacker. He advises clients on data analytics, digital forensics, and cybersecurity.

At the airport recently, waiting for boarding, flipping through an issue of United States Cybersecurity Magazine, an article about detecting insider threats caught my eye. It was loosely based on a list of behaviors it claimed were ideal indicators for detecting insider threats. I thought, “Wow, this is great! I know plenty of clients who could benefit from this information.” Insider threats are difficult to detect, and I was excited by the opportunity to get new insight, but I became more and more distraught as I read on. The longer I read, the more I saw myself, and many of my cyber-colleagues, being described by the author’s so-called threat indicators. How could we, the good guys, be mistaken for threats?

I read through the list again, and for each point, I asked, “Is this a reliable indicator of a real threat, or a false positive?” I’ve provided the entire list below with my thoughts on each item. Continue Reading Great Employee or Insider Threat?

shutterstock_160974335In a recent formal Ethics Opinion, the American Bar Association stressed that lawyers must make reasonable efforts to prevent inadvertent or unauthorized access to confidential information relating to the representation of their clients. The ABA recognized that in the age of constant cybersecurity threats, law firms are targets for hackers for two reasons:

(1) they obtain, store and use highly sensitive information about their clients while at times utilizing safeguards to shield that information that may be inferior to those deployed by the client, and (2) the information in their possession is more likely to be of interest to a hacker and likely less voluminous than that held by the client.

The Opinion further recognizes that while the Model Rules of Professional Conduct do not impose greater or different duties of confidentiality based upon the method by which a lawyer communicates with his or her client, electronic communication involves risks that are constantly changing. Continue Reading ABA Encourages Encryption of Emails When Transmitting Confidential Client Information

Cross Posted from Carpe Datum Law

Recently, a widespread global ransomware attack has struck hospitals, communication, and other types of companies and government offices around the world, seizing control of affected computers until the victims pay a ransom.  This widespread ransomware campaign has affected various organizations with reports of tens of thousands of infections in as many as 99 countries, including the United States, United Kingdom, Spain, Russia, Taiwan, France, and Japan. The software can run in as many as 27 different languages. The latest version of this ransomware variant, known as WannaCryWCry, or Wanna Decryptor, was discovered the morning of May 12, 2017, by an independent security researcher and has spread rapidly.

The risk posed by this ransomware is that it enumerates any and all of your “user data” files like Word, Excel, PDF, PowerPoint, loose email, pictures, movies, music, and other similar files.. Once it finds those files, it encrypts that data on your computer, making it impossible to recover the underlying user data without providing a decryption key. Also, the ransomeware is persistent, meaning that if you create new files on the computer while it’s infected, those will be discovered by the ransomware and encrypted immediately with an encryption key. To get the decryption key, you must pay a ransom in the form of Bitcoin, which provides the threat actors some minor level of anonymity.  In this case, the attackers are demanding roughly $300 USD. The threat actors are known to choose amounts that they feel the victim would be able to pay in order to increase their “return on investment.”

The ransomware works by exploiting a vulnerability in Microsoft Windows. The working theory right now is that this ransomware was based off of the “EternalBlue” exploit, which was developed by the U.S. National Security Agency and leaked by the Shadowbrokers on April 14, 2017. Despite the fact that this particular vulnerability had been patched since March 2017 by Microsoft, many Windows users had still not installed this security patch, and all Windows versions preceding Windows 10 are subject to infection. Continue Reading WannaCry Ransomware Attack: What Happened and How to Address