June Cyber update from the Office of Rob Kleeger

Jun 02, 2022 3:01 pm


I hope this email finds you and your loved ones safe, secure, and healthy. Now that we are beyond Memorial Day and the unofficial start to summer... let me know if you are interested in reconnecting!

All the best,

Rob Kleeger


Words of Wisdom:

“You've got to be very careful if you don't know where you are going, because you might not get there.” ― Yogi Berra


US college set to permanently close after 157 years, following ransomware attack

A predominantly Black college, based in Illinois, USA, is closing its doors after 157 years - citing the challenges it faced due to the Coronavirus pandemic, and the aftermath of a ransomware attack. Lincoln College explained that it had managed to survive multiple catastrophes and challenges, including economic crises, a major campus fire, the Spanish flu epidemic of 1918, the Great Depression, World War II, and the 2008 global financial crisis, but this time it was different.

The Coronavirus pandemic had forced Lincoln College to make large investments in technology and safety measures, at the same time as many students chose to postpone their education or take a leave of absence. This financial burden had come at a time when its fundraising activities were impacted. The college did well to survive until the end of 2021. But it was in December of that year that Lincoln College fell victim to a ransomware attack that "thwarted admissions activities and hindered access to all institutional data, creating an unclear picture of Fall 2022 enrollment projections."

According to the college's press release, the ransomware attack encrypted important data, meaning that "all systems required for recruitment, retention, and fundraising efforts were inoperable."

Cyber Insurance Applications Now Demand Specific Security Measures

CSO Online reported in May that cyber insurance applications are now asking a lot of questions about your cybersecurity measures. And, if you fail “the test,” you will be penalized, sometimes by a higher premium – or sometimes coverage may be denied. Here are a few of them:

Is two-factor authentication in place?

Have you deployed endpoint detection and response tools?

What email filtering solutions do you use?

Do you use a data backup solution for all critical data?

Bottom line, review your cyber insurance policy and its related questionnaire. Ask whether you are doing everything you can to protect your firm and tailoring your actions to align with what your insurance provider has deemed a best practice.

It should be hard for malicious hackers to break into systems, but all too often it isn’t.

Recently, a joint cybersecurity advisory was issued by the Cybersecurity and Infrastructure Security Agency (CISA), the NSA and FBI, and their counterparts in Canada, New Zealand, the Netherlands, and the United Kingdom. According to the report, just a small number of techniques are commonly used by attackers to compromise systems. The advisory explains that cybercriminals regularly exploit the poor security configuration of computer systems – whether it be because they’re misconfigured or simply left unsecured in the first place. In addition, malicious hackers exploit weak controls and other poor practices “to gain initial access or as part of other tactics to compromise a victims’ system.”

These attacks often exploit situations where multi-factor authentication (MFA) has not been enforced, mistakes in access control lists, software that has not been updated, weak passwords, and misconfigured services exposed to the internet.



Apple Sues Startup for Alleged Employee Poaching and Data Theft

In the lawsuit, Apple also accuses outgoing employees poached by Rivos of stealing “gigabytes of sensitive SoC specifications and design files.”

The filing explains:

Some used multiple USB storage drives to offload material to personal devices, accessed Apple’s most proprietary specifications stored within collaboration applications, and used AirDrop to transfer files to personal devices. Others saved voluminous presentations on existing and unreleased Apple SoCs—marked Apple Proprietary and Confidential—to their personal cloud storage drives. One even made a full Time Machine backup of his entire Apple device onto a personal external drive.

In the lawsuit against Rivos, Apple names two former engineers from its chip team who joined Rivos last fall. Apple’s lawsuit aims “to recover its trade secrets, to protect them from further disclosure, and to uncover the full extent of their use to try to mitigate the harm that has and will occur.”

According to Apple's complaint, the company believes Rivos started an active campaign in mid-2021 to target engineers with access to, and knowledge of, the proprietary chip design work going on at Apple, including its new wonder processor, the M1.

Jail for man who hacked the email of female students, stole and traded their private photos

A man has been sentenced to over 9 years in jail after he was found guilty of breaking into the email accounts of his classmates, and stealing their private nude photographs and videos.

26-year-old Michael Fish, of Albany, New York, has been sentenced to 111 months behind bars after being convicted of computer fraud, aggravated identity theft, and possession of child abuse material.

Fish had previously admitted hacking into the email accounts of more than 100 female classmates at SUNY-Plattsburgh, and later at Albany Law School, exploiting the information he discovered there to break into their social media accounts.

Having stolen nude photos and videos of his victims, Fish traded them online with others. In addition, Fish created and shared collages which showed sexually explicit images of individuals alongside their innocuous graduation photographs, identifying them by name.



Best practices to defend systems from common attacks:

  • Control access.
  • Harden credentials.
  • Establish centralized log management.
  • Use anti-virus.
  • Employ detection tools.
  • Operate services exposed on internet-accessible hosts with secure configurations.
  • Keep software updated.


Did you know that Digital4nx Group was recognized by Enterprise Security as one of the top ten digital forensics companies in 2022?


Being acknowledged as a leader in the industry is a great honor. In addition to the award, Enterprise Security featured Digital4nx Group and me in an article in their publication in print and online.

If you are an attorney who litigates, know one, or are a responsible business executive whose ass is on the line if a data breach occurs, I would love to have a call or introduction!

Please share the above information with those people or arrange an introduction. Look forward to seeing you in the flesh!


Digital4nx Group provides a blend of legal and technology services where we systematically identify, preserve, extract, analyze, and interpret digital evidence.

Our services are commonly used to:

  • React and respond by providing litigation support services for plaintiffs or defendants, as well as providing expert testimony and consulting, both in and out of court.
  • Proactively identify and provide insights on how to better secure your confidential data, technology, and compliance.


Cyber Security Services

Cyber incidents can be damaging to an organization, both in the short and long term. Digital4nx Group helps business leaders protect their “crown jewels” through reasonable, defensible, and cost-effective services... Before, During, and After a Data Incident! We offer a multi-disciplined approach to cyber services such as: