Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybersecurity

Secure EDGAR data breach exploited for possible insider trading

Statement on Cybersecurity Chairman Jay Clayton, Sept. 20, 2017
“…Notwithstanding our efforts to protect our systems and manage cybersecurity risk, in certain cases cyber threat actors have managed to access or misuse our systems.  In August 2017, the Commission learned that an incident previously detected in 2016 may have provided the basis for illicit gain through trading.  Specifically, a software vulnerability in the test filing component of our EDGAR system, which was patched promptly after discovery, was exploited and resulted in access to nonpublic information.  We believe the intrusion did not result in unauthorized access to personally identifiable information, jeopardize the operations of the Commission, or result in systemic risk.  Our investigation of this matter is ongoing, however, and we are coordinating with appropriate authorities.  As another example, our Division of Enforcement has investigated and filed cases against individuals who we allege placed fake SEC filings on our EDGAR system in an effort to profit from the resulting market movements…”

Updates pertaining to the breach:

Preventing and Responding to Identity Theft

US Cert Security update: Preventing and Responding to Identity Theft “You can be a victim of identity theft even if you never use a computer. Malicious people may be able to obtain personal information (such as credit card numbers, phone numbers, account numbers, and addresses) by stealing your wallet, overhearing a phone conversation, rummaging through… Continue Reading

Wharton – After Equifax, Can Our Data Ever Be Safe?

Follow up to previous posting – Equifax is one of many companies that collect information about you – via [email protected] – “In the annals of data breaches, the Equifax hacking stands alone due to its sheer scale: Digital thieves traipsed through the personal information of 143 million Americans for several months to do with it… Continue Reading

Under EU General Data Protection Regulation large fines result from failure to protect consumer data

eSecurity Planet: “The massive Equifax breach that recently affected 143 million consumers would have led to hugely significant fines if the European Union’s General Data Protection Regulation (GDPR), which takes effect in May 2018, had already been in place. Under the new rules, organizations that fail to protect sensitive data can be fined up to… Continue Reading

FTC alerts consumers about post Equifax scams

Ring, ring. “This is Equifax calling to verify your account information.” Stop. Don’t tell them anything. They’re not from Equifax. It’s a scam. Equifax will not call you out of the blue. That’s just one scam you might see after Equifax’s recent data breach. Other calls might try to trick you into giving your personal… Continue Reading

CRS – Justice Department’s Role in Cyber Incident Response

Via EveryCRSReport.com: Justice Department’s Role in Cyber Incident Response August 23, 2017 R44926. “Criminals and other malicious actors increasingly rely on the Internet and rapidly evolving technology to further their operations. In cyberspace, criminals can compromise financial assets, hacktivists can flood websites with traffic—effectively shutting them down, and spies can steal intellectual property and government… Continue Reading

New on LLRX – The ‘internet of things’ is sending us back to the Middle Ages

New on LLRX.com – The ‘internet of things’ is sending us back to the Middle Ages The Internet of Things (IoT) has permeated all facets of our lives – professional, family, social – more quickly and expansively than many are willing to acknowledge. The repercussions of IoT are multifaceted – and directly impact issues that… Continue Reading

Equifax hack may have breached personal data on half the US population w/ updates

CNET: “…According to Equifax, which released a statement today, the company’s database was breached through a vulnerability on its website, exposing the personal information of an estimated 143 million people, including some in the UK and Canada….Equifax has set up its own program to help people find out if they were one of the millions… Continue Reading

login.gov – Simple, secure access to government services online

“login.gov offers the public secure and private online access to participating government programs. With one login.gov account, users can sign in to multiple government agencies. Our goal is to make managing federal benefits, services and applications easier and more secure. Because login.gov is a shared service, users need fewer passwords and learn fewer interfaces. Also,… Continue Reading

2017 U.S. State and Federal Government Cybersecurity Research Report

“In August 2017, SecurityScorecard analyzed and scored the current security posture of 552 small, medium and large U.S. government organizations with more than 100 public-facing IP addresses, to determine the state of government cybersecurity programs today. In this report, 2017 U.S. State and Federal Government Cybersecurity Research Report, you’ll learn:  Top performing U.S. State and… Continue Reading

CRS Report – Russia: Background and U.S.

Russia: Background and U.S. Policy, Cory Welt, Analyst in European Affairs, August 21, 2017. “Over the last five years, Congress and the executive branch have closely monitored and responded to new developments in Russian policy. These developments include the following: increasingly authoritarian governance since Vladimir Putin’s return to the presidential post in 2012; Russia’s 2014… Continue Reading

President’s National Infrastructure Advisory Council Report – Securing Cyber Assets

President’s National Infrastructure Advisory Council (NIAC) Report – Securing Cyber Assets – Addressing Urgent Cyber Threats to Critical Infrastructure, August 2017. “Executive Summary: Imperative Takeaways – Our review of hundreds of studies and interviews with 38 cyber and industry experts revealed an echo chamber, loudly reverberating what needs to be done to secure critical U.S.… Continue Reading