The NFL Twitter Hack Shows We Need to Move Past Password Protection

Libraries, professional athletes and the general public can invest significant time developing complex passwords to protect their accounts, but nothing can change the fact that a malicious attacker with an internet connection can hack an account with nothing more than a keyboard. For decades, the public have happily relied on passwords—those unique combinations of letters, numbers and symbols—to protect their online accounts and information. While most know that anything connected to the internet is accessible by anyone on Earth, including the criminal with a keyboard… Continue Reading

Ransomware Hits Hard During 2019

Highly visible ransomware attacks have occurred since the start of 2019. At their most basic, ransomware attacks involve the introduction of malware onto a victim’s computer or server, rendering it unusable. The fraudsters will then demand payment from the victim in order to restore the systems. In recent months, major cities such as Atlanta, Baltimore, and Johannesburg have fallen victim to ransomware attacks. The ransomware attack to Baltimore is especially revealing as its impacts continue to be felt. While the mayor rebuffed the criminals’ demand… Continue Reading

Millennials Reporting More Electronic Scams, but Smaller Losses than Individuals Over 40

Scams, whether initiated online or over the phone, affect people of all ages. However, to the surprise of some, the Federal Trade Commission (FTC) has found that individuals in the millennial generation, which the FTC defined as people between 20 and 39, are 25 percent more likely to report losing money to fraud from electronic scams.  In its report, the FTC analyzed the reporting rates of fraud from September 2017 to August 2019, including the following types: 1. Online shopping 2. Business imposter scams… Continue Reading

Ransomware Demands Increase for Municipalities

The trend of hitting local municipalities with ransomware attacks has continued this summer, along with increased monetary demands. In a recent attack, a small city outside of Jacksonville, Florida had its computers totally disabled when a hacker infiltrated its system and demanded bitcoin in exchange for the city’s data. For several days, the city attempted to resolve the issue without paying by working with the FBI and a security consultant. While these attempts may have eventually been successful, the city ultimately determined that paying the Continue Reading

Cyber Insurance: Enabler of Ransomware Events? Not Quite

Ransomware is once again front and center in the news with reports of a rash of attacks on public and private entities throughout the United States. Some suggest that the proliferation of cyber insurance is fanning the flames of cyberattacks, but there is scant evidence to support that conclusion. In fact, cyber insurance merely offers insureds options in how to respond to a ransomware event. A recent ProPublica article speculates that cyber insurance’s ability to assist insured’s operations to quickly recover from a ransomware event… Continue Reading

Fedex Becomes Victim of Latest Spat of Large Scale Cyber-Related Securities Class Actions

As if anyone needed yet another reminder of the invasive effect a cybersecurity event can have on a business, we need not to look any further than the  putative securities fraud class action lawsuits filed against global logistics giant FedEx. On June 26, 2019, the first lawsuit against FedEx was filed in the Southern District of New York. The complaint generally alleges that FedEx violated federal securities laws when it made allegedly fraudulent disclosures concerning the extent of the impact caused by the NotPetya malware… Continue Reading

What Is Modern Warfare? Ninth Circuit Rules War Exclusions Do Not Preclude Coverage for First Party Loss Caused by Hamas Rocket Attacks

On July 12, 2019, the Ninth Circuit Court of Appeals found two “war” exclusions inapplicable, under California law, to a loss caused by 2014 hostilities between Israel and Hamas. Universal Cable Productions, LLC v. Atlantic Specialty Insurance Co., No. 17-56672, 2019 WL 3049034 (July 12, 2019). In doing so, the court overturned the Central District of California’s award of summary judgment in favor of Atlantic Specialty Insurance Company. The parties’ dispute arose out of Atlantic’s refusal to indemnify Universal for costs associated with Universal’s… Continue Reading

House Representatives Ask Facebook to Halt Moving Forward with its Cryptocurrency

In the beginning of July 2019, four members of Congress in leadership roles in various committees in the House of Representatives issued a letter to Facebook’s executives calling for Facebook “to agree to a moratorium on any movement forward” with its proposed cryptocurrency, Libra, and proposed digital wallet, Calibra, citing concerns over “privacy, trading, national security, and monetary policy[.]”    In June 2019, Facebook announced its plan, which had been in development for a year, to create a cryptocurrency backed by financial assets assembled by the… Continue Reading

Preparing Private Companies for Politically Motivated Cyberattacks

Law firms in the midst of large and publicly reported M&A deals, accounting firms during return season, and Facebook at just about any moment, should all assume that they are being targeted by hackers. However, the Department of Homeland Security’s (DHS) announcement that Iranian regime actors and proxies have been using “wiper” attacks adds a new indicator: geopolitical importance during politically sensitive times. The director of the Cybersecurity and Infrastructure Security Agency (CISA) released a tweet late last week notifying the public that Iran is… Continue Reading

First Circuit Finds There is No Expectation of Privacy for IP Address Information

In an important holding regarding an individual’s constitutional right to protection from unreasonable searches, the United States Court of Appeals, First Circuit, held that a criminal defendant did not have a reasonable expectation of privacy in internet protocol (IP) address data that was acquired by the government from a smart phone application company without a search warrant. In U.S. v. Hood, — F.3d. –, 2019 WL 1466943 (1st Cir. 2019), a user of the smart phone messaging application Kik, who went by the username… Continue Reading