Several high profile ransomware attacks have recently rocked the franchise world fomenting uncertainty and anxiety about franchisors’ legal obligations and liability. Ransomware attacks essentially kidnap a company by shutting down its systems and holdings its data hostage until a ransom fee is paid. In addition to the quantifiable hard costs of paying ransom and hiring experts to mitigate damage and re/build cyber defenses, ransomware victims can be damaged by: (a) third-party liability to the customers and other original owners of compromised data; (b) interruption of business operations during the course of and recovery from an attack; and (c) injury to reputation value in the loss of consumer confidence, appearance of incompetence, and customer attrition. In today’s digital golden era, data is among the world’s most valuable assets, earning the tagline: “data is the new oil.” It therefore comes as no surprise that cybersecurity, which has been a hot topic for years, is garnering increased attention and resources from businesses of all sizes and stages. Yet with each new development in defensive cybersecurity, cybercriminals come up with just as many ways to get around those defenses.
Continue Reading Franchisors: Are You Covering Your Digital Assets?

As a special feature of our blog—guest postings by experts, clients, and other professionals—please enjoy this blog entry from Donal O’Connell, Managing Director of Chawton Innovation Services Ltd.

The Neglected Step-Child of IP

Trade secrets have, up until recently, been somewhat ignored. When I started to pay attention to trade secrets, some of my colleagues and contacts probably thought that I was mad.

After all, trade secrets were not included in many IP educational sessions. The subject rarely came up at IP conferences and seminars. This form of IP was not addressed by most IP Law Firms, even so called full service IP Law Firms. It clearly was not in the ‘job spec’ of many in-house IP Managers or Chief IP Officers.
Continue Reading The Increasing Importance of Trade Secrets and Trade Secret Asset Management Explained

This post originally appeared in the June edition of Cyber Law & Strategy.

Somewhere today at least one data security breach is likely to happen. It might not have been publicized and may not have involved millions of records, but there is no doubt it will happen. That is because cybercrime remains one of the most common crimes in the world, and non­criminal exposures are fairly common as well.
Continue Reading Security Breach Responses — As Important and Difficult As Ever

Cross Posted from Carpe Datum Law

Recently, a widespread global ransomware attack has struck hospitals, communication, and other types of companies and government offices around the world, seizing control of affected computers until the victims pay a ransom.  This widespread ransomware campaign has affected various organizations with reports of tens of thousands of infections in as many as 99 countries, including the United States, United Kingdom, Spain, Russia, Taiwan, France, and Japan. The software can run in as many as 27 different languages. The latest version of this ransomware variant, known as WannaCryWCry, or Wanna Decryptor, was discovered the morning of May 12, 2017, by an independent security researcher and has spread rapidly.

The risk posed by this ransomware is that it enumerates any and all of your “user data” files like Word, Excel, PDF, PowerPoint, loose email, pictures, movies, music, and other similar files.. Once it finds those files, it encrypts that data on your computer, making it impossible to recover the underlying user data without providing a decryption key. Also, the ransomeware is persistent, meaning that if you create new files on the computer while it’s infected, those will be discovered by the ransomware and encrypted immediately with an encryption key. To get the decryption key, you must pay a ransom in the form of Bitcoin, which provides the threat actors some minor level of anonymity.  In this case, the attackers are demanding roughly $300 USD. The threat actors are known to choose amounts that they feel the victim would be able to pay in order to increase their “return on investment.”

The ransomware works by exploiting a vulnerability in Microsoft Windows. The working theory right now is that this ransomware was based off of the “EternalBlue” exploit, which was developed by the U.S. National Security Agency and leaked by the Shadowbrokers on April 14, 2017. Despite the fact that this particular vulnerability had been patched since March 2017 by Microsoft, many Windows users had still not installed this security patch, and all Windows versions preceding Windows 10 are subject to infection.
Continue Reading WannaCry Ransomware Attack: What Happened and How to Address

By Misty Blair

In August, we waved farewell to the Cybersecurity Act of 2012 (S.3414). Or, so we thought. The bill, which followed a tortured path of at least four major iterations since the introduction of its predecessor in 2010, finally hit the brick wall of Senate gridlock when a cloture vote failed to end debate. While this failure effectively
Continue Reading Failed Federal Cybersecurity Act May Emerge In Executive Order