Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: E-Mail

A New Focus on Law Firm Cybersecurity

A New Focus on Law Firm CybersecurityDaniel Garrie January 11, 2017.

“Law firms have long held a hallowed position in the corporate world, as the preeminent keeper of confidences. But the frequency with which law firms are falling victim to data breaches and hacks should leave clients questioning their firm’s data security. Due to their trusted position in the business world, law firms have become a prime target for cyber criminals, and without adequate data security confidential client information can fall into the hands of a wide variety of bad actors.Consider the following hypothetical about a top global firm. It has attorneys working with companies and individuals in virtually every industry in the world. These attorneys are privy to a wide variety of highly sensitive and confidential financial information — information that would be of great value to cyber-criminals. A senior mergers and acquisitions partner chose to use his smartphone for both work and personal use. As a senior partner, no one was willing to require the need to segregate data and users. The senior partner regularly let his son use the smartphone to surf the Internet and download games. One day, the son downloads a game which has malware code attached to it. The malware infiltrated the firm’s email server. This silent intrusion allowed a cyber-criminal to monitor all emails in the senior partner’s practice group. The cyber-criminal was able to access confidential financial information, which allowed him to engage in insider trading, making millions of dollars off of the information, and causing serious harm to the firm’s client by driving up the price of the stock. While the above hypothetical may seem like a doomsday scenario, it can happen, as revealed in a recent indictment in the Southern District of New York. The indictment alleged that three criminals gained access to a top law firm’s email server through undisclosed means. On multiple occasions, these criminals were able to gain confidential inside information about pending M&A deals. The criminals were then able to trade on that information, making more than $4 million before being caught. The criminals were charged with insider trading, wire fraud, and violations of the Computer Fraud and Abuse Act. While the facts are little known for how the criminals in the above case broke into the firm’s mail servers, it’s likely that the criminals exploited a lawyer with access to the email server — a much easier pathway — rather than attacking the system directly.”

DOJ OIG Announces Initiation of Review of agency and FBI actions prior to election

News release: “Department of Justice Inspector General Michael E. Horowitz announced today that, in response to requests from numerous Chairmen and Ranking Members of Congressional oversight committees, various organizations, and members of the public, the Office of the Inspector General (OIG) will initiate a review of allegations regarding certain actions by the Department of Justice… Continue Reading

Obama releases redacted report on Russian hacking and US elections

Follow up to previous posting, WaPo reports US intel documents Russian geopol jubilation at Trump win, which included a wide ranging resources on this issue – see today Via Politico: “The Obama administration on Friday officially blamed Russian President Vladimir Putin for directing a massive cyber assault against the U.S. election in an attempt to… Continue Reading

WaPo reports US intel documents Russian geopol jubilation at Trump win

Follow up to previous posting today – President-elect plans to restructure US intelligence agencies – via Washington Post – U.S. intercepts capture senior Russian officials celebrating Trump win – “Senior officials in the Russian government celebrated Donald Trump’s victory over Hillary Clinton as a geopolitical win for Moscow, according to U.S. officials who said that… Continue Reading

President-elect plans to restructure US intelligence agencies

WSJ – President-elect works on restructuring Office of the Director of National Intelligence, tweets again his doubts that Russia hacked Democrats – “President-elect Donald Trump, a harsh critic of U.S. intelligence agencies, is working with top advisers on a plan that would restructure and pare back the nation’s top spy agency, people familiar with the… Continue Reading

French workers win legal right to avoid checking work email out-of-hours

Agence France-Presse via The Guardian – “From 1 January, workers have ‘right to disconnect’ as France seeks to establish agreements that afford work flexibility but avoid burnout woman checks her phone while lying in bed From Sunday, French companies will be required to guarantee their employees a “right to disconnect” from technology as the country… Continue Reading

EFF – The State of Crypto Law: 2016 in Review

Nate Cardozo – The State of Crypto Law: 2016 in Review – “This year was one of the busiest in recent memory when it comes to cryptography law in the United States and around the world…In this post, we’ll run down the list of things that happened, how they could have gone wrong (but didn’t),… Continue Reading

WaPo – Russian operation hacked a Vermont utility – updated

Correction to WaPo story via Washington Post – Russian government hackers do not appear to have targeted Vermont utility, say people close to investigation – “U.S. officials are continuing to investigate the laptop. In the course of their investigation, though, they have found on the device a package of software tools commonly used by online criminals… Continue Reading

DHS/FBI issue joint report on Russian hacking of US election and subsequent govt sanctions

ABC News – Obama Issues Sanctions for Alleged Russian Hacking – “President Obama has expelled 35 Russian nationals and sanctioned five Russian entities and four individuals for an alleged cyber assault on Democratic political organizations during the 2016 presidential campaign, the White House announced today. “I have ordered a number of actions in response to… Continue Reading

Site documents biggest data breaches in history

Biggest data breaches in history – Dave Albaugh – Data breaches, 2004-2016 – “With a history of more than 5,000 data breaches over the last 12 years, it’s a safe bet that any electronic information relating to you is either at risk or has already been compromised at least once. As James Comey, the director… Continue Reading

Cyberattacks at major law firms highlight security gaps

WSJ.com, Sara Randazzo: “Major U.S. law firms have become more vigilant in recent years about the risks of cyberattacks, but revelations this week of a major hack on two New York firms are a reminder that the industry remains vulnerable. The Manhattan U.S. attorney’s office unsealed a criminal indictment Tuesday against three Chinese men accused… Continue Reading

Intel agencies sued for records on Russian election interference

Follow-up to previous posting – Unreleased CIA assessment concludes Russia aided Trump – via The Hill – Lydia Wheeler, December 27, 2016: “A lawsuit has been filed against the CIA, the FBI, the Department of Homeland Security and the Office of the Director of National Intelligence seeking records pertaining to Russia’s interference in the presidential… Continue Reading