Saturday, April 16, 2016

Ransom Seeking Malware, What to know and Do

Ransom seeking malware is nefarious and it comes in different flavors.  The hedge of control is to hold hostage vital information within your network in exchange for compensation.  Healthcare providers, financial institutions, and government entities have been the victim.  Its variants and its methods are complicated means of affecting ways an entity accesses its information assets.  Aside from and email variant which will be touched upon shortly, there are three predominant approaches to ransomware deployment.
As a software, it can be disguised so that it is accepted by the recipient entity including its employees.  Its process involves disabling a network system serving as a lock which will prohibit access to valuable data in the subject entity.  The process can involve encryption of the data so that no one can access it.  There is one variant known to not interrupt access to the computers but the files that are used to process daily work operations are encrypted and not functional.  The second variant of ransomware does not encrypt the files in the subject entity but is creates a block that prevents access to the data assets.  Both are released, supposedly once the ransom is paid.
How entities react to the possibilities of these events is important for purposes of assessing liability.    Coordinated efforts between work groups within an entity is necessary.  Obviously, we can consider the need to monitor the readiness of an entity’s network.  But do entities consider their insurance coverage?  Chances are that this is an area that is overlooked too frequently.  It is a good step to have a designated person authorized to oversee the modifications and updates to an entities network.  It is also savvy to audit the entity’s process to find vulnerabilities.
What is as well intricate is the communications network where emails are the source of sharing data assets within an entity.  It is as well the predominant gateway.  The variant which involves the intruder capturing sensitive emails possibly holding client trade secrets, financial information, medical records, etc., involves a blackmail technique of threatening to disclose publicly the held data assets.  The critical aspect of ransomware efforts is that there is no say that even if the ransom is paid, and it is commonly seeking compensation in Bitcoin, that the data asset will be released and access restored.
Best practices touch upon the necessity of encrypting files while in transit and as they are stored.  It is also prudent to have frequent and timely updates to detection systems. The larger the entity the more likely that access to vital assets is limited to the scope of assigned duties of employees.  An entity should be proactive and train its employees on best practices and provide teaching points on what to look for and be aware of the risks and of the traps.  All this is important along with information technology personnel working together with the administration of an entity in order to anticipate the event and what to do in the event of a ransomware attack.  As well, it is crucial to review the entity’s insurance and determine if there is coverage for cyber extortion.

Lorenzo Law Firm is “Working to Protect your Business, Ideas, and Property on the Web."
Copyright 2016, all rights reserved Lorenzo Law Firm, P.A.

Friday, April 15, 2016

Data Security Relevance to More than Just PII

Data security relevance is customarily popping up in everyday life, business, and in our system of society.  To think that billions use handheld devices for entertainment, staying informed of news, and to also be able to know where they are and where they are going, there is another segment of our network life infrastructure, growingly dependent on being connected so-to-speak.  Medical care providers, accountants, tax services, property appraisers, websites, and even law firms are vulnerable.  Business has garnered higher stakes by virtue of it enhancing process features of administration and service delivery.  Enhancement has come in ways touching upon data storage for files and ease in retrieval and sharing among colleagues. Improved means of communications coupled with the ease of recording such communication by date, title, content, and relevant matter.
To a certain extent, there is a growing responsibility to safeguard that data of amassed personal identifying information (PII) or customer proprietary network information (CPNI) or even confidential personal information (CPI), no matter what legal provision one resorts to find a binding basis for asserting some type of grievance.  Law firms, the bastion for safeguarding rights, records, and maintaining confidentiality, are no longer seen as immune.  As reported, two major American law firms became victim to phishing schemes which targeted employees of the two firms.  The Wall Street Journal and The American Lawyer reported that the firm Cravath, Swaine & Moore and the firm Weil, Gotshal & Manges, were attacked by phishing schemes seeking held and stored client trade secrets, intellectual property, and sensitive client business information.
Data security relevance just shifted from commonly read consumer identity theft, acquisition of social security numbers, and credit card information to corporate espionage seeking competitive trade secret information.  The efforts to safeguard the “valuable” commoditized client information are now at the forefront of and should be of every business or firm, large or small, association or government.  Data security incidents will ubiquitously impinge on boardroom meeting agendas and also reach to district level school board meetings.  The relevance of data security is ever present.

Lorenzo Law Firm is “Working to Protect your Business, Ideas, and Property on the Web."
Copyright 2016, all rights reserved Lorenzo Law Firm, P.A.