As a special feature of our blog—special guest postings by experts, clients, and other professionals—please enjoy this blog entry from Charlie Platt, a director at iDiscovery Solutions and a Certified Ethical Hacker. He advises clients on data analytics, digital forensics, and cybersecurity.

These days cybersecurity seems to be all about technology. Pen testing, firewalls, port scanning, SIEM, zero-day, IPS, AES256, SHA, DMZ, NIDS, TLS, SS7 – I’ll stop. I could go on, but you get the idea. And I have a vested interest in keeping your attention.

Acronyms and geek-speak abound, and we are ever on the lookout for the next latest and greatest technical solution to secure our digital assets. Unfortunately, that perfect technical solution doesn’t exist and never will. How can I be so sure? Because no matter how well built, or how well thought out our technical solution may be, humans are involved. When humans are involved, they will be the weakest link, and we can’t (yet) re-engineer humans with a technical solution.
Continue Reading Technically Speaking, Cybersecurity Isn’t About Speaking Technically

In a series of breakfast briefings, Seyfarth attorneys Robert Milligan, Joshua Salinas, and Scott Atkinson, joined by Jim Vaughn, one of California’s leading computer forensic experts, discussed how to navigate the tricky waters and provided best practices for trade secret protection. The briefings covered how to best identify and protect trade secrets, what employers need to know about the DTSA,
Continue Reading Briefing Recap! Trade Secret Protection: What Every California Employer Needs to Know

As a special feature of our blog—special guest postings by experts, clients, and other professionals—please enjoy this blog entry from Charlie Platt, a director at iDiscovery Solutions and a Certified Ethical Hacker. He advises clients on data analytics, digital forensics, and cybersecurity.

At the airport recently, waiting for boarding, flipping through an issue of United States Cybersecurity Magazine, an article about detecting insider threats caught my eye. It was loosely based on a list of behaviors it claimed were ideal indicators for detecting insider threats. I thought, “Wow, this is great! I know plenty of clients who could benefit from this information.” Insider threats are difficult to detect, and I was excited by the opportunity to get new insight, but I became more and more distraught as I read on. The longer I read, the more I saw myself, and many of my cyber-colleagues, being described by the author’s so-called threat indicators. How could we, the good guys, be mistaken for threats?

I read through the list again, and for each point, I asked, “Is this a reliable indicator of a real threat, or a false positive?” I’ve provided the entire list below with my thoughts on each item.
Continue Reading Great Employee or Insider Threat?

In a recent formal Ethics Opinion, the American Bar Association stressed that lawyers must make reasonable efforts to prevent inadvertent or unauthorized access to confidential information relating to the representation of their clients. The ABA recognized that in the age of constant cybersecurity threats, law firms are targets for hackers for two reasons:

(1) they obtain, store and use highly sensitive information about their clients while at times utilizing safeguards to shield that information that may be inferior to those deployed by the client, and (2) the information in their possession is more likely to be of interest to a hacker and likely less voluminous than that held by the client.

The Opinion further recognizes that while the Model Rules of Professional Conduct do not impose greater or different duties of confidentiality based upon the method by which a lawyer communicates with his or her client, electronic communication involves risks that are constantly changing.
Continue Reading ABA Encourages Encryption of Emails When Transmitting Confidential Client Information

Cross Posted from Carpe Datum Law

Recently, a widespread global ransomware attack has struck hospitals, communication, and other types of companies and government offices around the world, seizing control of affected computers until the victims pay a ransom. This widespread ransomware campaign has affected various organizations with reports of tens of thousands of infections in as many as 99 countries, including the United States, United Kingdom, Spain, Russia, Taiwan, France, and Japan. The software can run in as many as 27 different languages. The latest version of this ransomware variant, known as WannaCry, WCry, or Wanna Decryptor, was discovered the morning of May 12, 2017, by an independent security researcher and has spread rapidly.

The risk posed by this ransomware is that it enumerates any and all of your “user data” files like Word, Excel, PDF, PowerPoint, loose email, pictures, movies, music, and other similar files. Once it finds those files, it encrypts that data on your computer, making it impossible to recover the underlying user data without providing a decryption key. Also, the ransomware is persistent, meaning that if you create new files on the computer while it’s infected, those will be discovered by the ransomware and encrypted immediately with an encryption key. To get the decryption key, you must pay a ransom in the form of Bitcoin, which provides the threat actors some minor level of anonymity. In this case, the attackers are demanding roughly $300 USD. The threat actors are known to choose amounts that they feel the victim would be able to pay in order to increase their “return on investment.”

The ransomware works by exploiting a vulnerability in Microsoft Windows. The working theory right now is that this ransomware was based off of the “EternalBlue” exploit, which was developed by the U.S. National Security Agency and leaked by the Shadowbrokers on April 14, 2017. Despite the fact that this particular vulnerability had been patched since March 2017 by Microsoft, many Windows users had still not installed this security patch, and all Windows versions preceding Windows 10 are subject to infection.
Continue Reading WannaCry Ransomware Attack: What Happened and How to Address

“I’m from the government and I’m here to help.” Yeah, right.[1]

Most businesses think protecting their intellectual property is their own responsibility, and it is. But what about when your intellectual property rights are violated by an evildoer? Who are you going to call? While your obvious choice will be the law firm sponsoring this blog, you might also be able to get help from your local prosecutor.

Both State Attorneys General and Federal Prosecutors have tools at their disposal that let them bring the full force of the government to your side—when they are motivated to do so. Speaking at a State Fraud & Prevention Summit in Atlanta recently, Georgia Attorney General Chris Carr announced how his office is available to take action on cybersecurity and data breach fraud cases, and he even pointed to several Assistant AGs in the audience who were there and ready to help.[2] Carr said his state’s emphasis on protecting data privacy and security is enhanced by the U.S. Army recently announcing that its new Cyber Command Headquarters (ARCYBER) will be located in Georgia.[3] Other states have similarly dedicated AGs ready to help, and sometimes you can even get local prosecutors to take interest in your case.
Continue Reading Enlisting Government Help to Protect Your Trade Secrets

Seyfarth Shaw, AlixPartners, and Directors Roundtable invite you to attend Cyber Risk Management Facing Boards, C-Suites & General Counsel: Prevention, Crisis Management, and Mitigating Personal Liability, a program for corporate directors, executive officers and general counsel, focused on approaches and strategies to forensic preservation of electronically stored information, as well as an expert summary of forensic technologies and methodologies
Continue Reading Seyfarth Shaw, AlixPartners, and Directors Roundtable to Present Cyber Risk Management Program in San Francisco

Do you and your firm have adequate cybersecurity to prevent yourself (and your confidential client data) from getting hacked?

On Wednesday, December 7, at 11:00 a.m. Pacific, Richard Lutkus, a partner in Seyfarth Shaw’s eDiscovery and Information Governance Practice; and Joseph Martinez, Chief Technology Officer and Vice President of Forensics, eDiscovery & Information Security at Innovative Discovery, will present
Continue Reading Upcoming Webinar: A Big Target — Cybersecurity for Attorneys and Law Firms

Much has been written about Heartbleed and the significant impact it has on the security infrastructure of the internet. Articles and blog postings have taken both the “sky is falling” and “it’s not so bad” points of view. However, there is a more fundamental issue which has raised its ugly head – is the use of open source “commercially reasonable” in a security framework?
Continue Reading Heartache from Heartbleed – The Security of Open Source

Cross-Posted from The Global Privacy Watch

With all the high-profile cybersecurity breaches that seem to be in the news lately, there is a plethora of “guidance” on cybersecurity. The Attorney General of California has decided to add to this library of guidance with her “Cybersecurity in the Golden State” offering. Cybersecurity is a pretty mature knowledge domain, so I am not quite sure why General Harris has determined that there needs to be additional guidance put in place. However, it is a good reminder of the things that regulators will look for when assessing whether or not “reasonable security” was implemented in the aftermath of a breach. And while there isn’t anything new in the guidance, what is informative is what is not there.
Continue Reading California Attorney General Provides Some Guidance on Cybersecurity