The U.S. Department of Justice has announced the seizure of AlphaBay, the largest criminal marketplace on the Internet, which was used to sell stolen financial information, identification documents and other personal data, computer hacking tools, drugs, firearms, and a vast … Continue Reading
The impact from the recent Petya/NotPetya ransomware attack — or what was reported as a ransomware attack but now appears to be something even more damaging — continues to spread around the globe, with several new companies coming forward as … Continue Reading
The FTC has updated its Children’s Online Privacy Protection Rule (COPPA) Six-Step Compliance Plan for Your Business “to reflect developments in the marketplace” – including the introduction of internet-connected toys and the Internet of Things.
COPPA applies to operators of … Continue Reading
Several cybersecurity firms and news outlets are reporting a new major cyberattack spreading across the globe. The attack, which is still developing and appears to have hit the UK first, is being described as a “global ransomware incident.” Some of … Continue Reading
On Friday, May 12, the WannaCry ransomware attack struck hundreds of thousands of users across the globe, causing major disruptions in private and public networks. The attack, which encrypts a user’s files and holds them for ransom, may infect a … Continue Reading
The UK government launched its 5-year National Cyber Security Strategy in November 2016, investing a reported £1.9 billion to protect UK businesses from cyber-attacks and make the country the safest place to live and do business online. This strategy has … Continue Reading
Last week, President Trump signed an executive order (EO) designed to strengthen national cybersecurity and critical infrastructure. The EO focuses on the modernization of the federal information technology (IT) network and national cybersecurity risk management. While the order does not … Continue Reading
With the commencement of the workweek, experts predict the WannaCry cyberattack will spread further through systems that rely on older or unpatched versions of Microsoft Windows. The following alert explains the WannaCry ransomware and its impact on businesses and organizations … Continue Reading
Small and medium-sized businesses are turning to software as a service (SaaS) solutions for their IT needs more and more frequently. SaaS solutions can provide end-users with quicker, cheaper access to software that they might not otherwise have at their … Continue Reading
“Cyber threats cannot be eliminated but they can be managed. Cyber experts say that it is not a question of if you will have a cyber-attack, rather it is a question of when. The next question is what you … Continue Reading
Civilian privacy officers and counsel have a rare opportunity following the publication of the January 6, 2017 report from the Office of the Director of National Intelligence, commissioned by Former President Obama, regarding Russian hacking and influence efforts in “recent … Continue Reading
On December 1, 2016, the Commission on Enhancing National Cybersecurity (Commission)—established ten months earlier by President Obama—released its Report on Securing and Growing the Digital Economy (Report). The 50-page Report includes six major imperatives with 16 recommendations and 53 associated … Continue Reading
Yesterday afternoon Yahoo Inc. (Yahoo) announced that user information was stolen from more than one billion accounts in August 2013. Yahoo said that the stolen information includes, “names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, … Continue Reading
Until relatively recently, retirement plans have not made the news as targets of data breaches. This is somewhat surprising, given the wealth of participants’ personal data stored online by these plans. This past summer, however, two plans experienced cybersecurity incidents, … Continue Reading
As the healthcare industry continues to embrace the Internet of Things, cybersecurity may present unprecedented health and privacy risks to patients. Wireless-enabled medical devices are increasingly common. For some patients, this means that their hearts are, quite literally, connected … Continue Reading
The celebratory confetti has barely settled on the campaign office floor, but in the age of patches, hacks, and cyberattacks, the nation’s attention has shifted to how President-elect Donald Trump will manage U.S. privacy and data security issues.
During the … Continue Reading
Part 1 of this two-part series outlined the mechanics and dangers of ransomware. In Part 2, this post will examine what steps to take, or not to take, during and after a ransomware attack.
“We’ve Been Hit – Now What?”… Continue Reading
The Federal Trade Commission (FTC) is conducting a three-part fall conference workshop on select technology issues. The first conference was held on September 7th about ransomware. The second conference was held on October 13th about Drones and … Continue Reading
This morning the FCC voted along party lines to adopt rules subjecting broadband internet service providers (ISPs) to new consumer privacy regulations. According to the FCC’s press release, the rules give “customers the tools they need to make informed decisions … Continue Reading
On Tuesday, October 4, 2016, the Department of Defense (DoD) issued a long-awaited final rule implementing statutory requirements (10 U.S.C. §§ 391, 393) as part of 32 C.F.R part 236 regarding the reporting, by defense contractors, of certain cyber incidents … Continue Reading
Businesses and financial entities continue to grapple with the increasing frequency and sophistication of hacking, displayed by the recent botnet attack that affected numerous websites on October 21, 2016, as well as the recent SWIFT hack which was used … Continue Reading
Beginning early on October 21, 2016, Dyn, a New Hampshire based internet service company, was the victim of three distributed denial of service (DDoS) attacks. The first attack began at 7am ET and was resolved within about two hours. A … Continue Reading
On October 18, 2016, the Federal Financial Institutions Examination Council (FFIEC) issued answers to frequently asked questions (FAQs) to clarify points in FFEIC’s Cybersecurity Assessment Tool (Assessment). FFIEC released the Assessment in June 2015 to help financial institutions identify their … Continue Reading
“The goal is to turn data into information, and information into insight.” – Carly Fiorina, former CEO, Hewlett-Packard Co.
The most valuable asset of every organization is information. Organizing, analyzing and optimizing this complex source of business intelligence … Continue Reading