March Cyber update from the Office of Rob Kleeger

Mar 01, 2022 7:16 pm

,


I hope this email finds you and your loved one's safe, secure, and healthy.


All the best,

Rob Kleeger

1010101001010111010101100010100101010010101

Words of Wisdom:

“The clock is running. Make the most of today. Time waits for no man. Yesterday is history. Tomorrow is a mystery. Today is a gift. That's why it is called the present.” ― Alice Morse Earle


CURRENT DATA SECURITY NEWS:

Insurance giant AON suffers a weekend cyberattack

In an 8-K form filed with the Securities and Exchange Commission, AON has disclosed that they suffered a cyberattack on February 25th, 2022. AON has not provided any details of the attack other than that it occurred and affected a limited number of systems.


FBI warns of BEC attackers impersonating CEOs in virtual meetings

The Federal Bureau of Investigation (FBI) warned recently that US companies and individuals are being increasingly targeted in BEC (business email compromise) attacks on virtual meeting platforms. "Between 2019 through 2021, the FBI IC3 has received an increase of BEC complaints involving the use of virtual meeting platforms to instruct victims to send unauthorized transfers of funds to fraudulent accounts," the FBI said [PDF].


North Korea Hacked Him. So He Took Down Its Internet

Last Month, observers of North Korea's tightly restricted corner of the internet began to notice that the country had been dealing with some serious connectivity problems. Just over a year ago, an independent hacker was hacked by North Korean spies. He took matters into his own hands. “I want them to understand that if you come at us, it means some of your infrastructure is going down for a while.”


CISA, FBI and NSA published a joint advisory warning of ransomware attacks targeting critical infrastructure organizations.

“In 2021, cybersecurity authorities in the United States, Australia, and the United Kingdom observed an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organizations globally.” reads the joint advisory. “Ransomware tactics and techniques continued to evolve in 2021, which demonstrates ransomware threat actors’ growing technological sophistication and an increased ransomware threat to organizations globally.”


The report also provides details about observed behaviors and trends among cybercriminal organizations in 2021, phishing attacks, stolen Remote Desktop Protocols (RDP) credentials or brute force, and the exploitation of vulnerabilities are the most popular infection vectors.


1010101001010111010101100010100101010010101


CURRENT LEGAL CASE UPDATES:

Arconic Corp., et al, v. Novelis Inc., et al., 2022 WL 409488 (W.D. Pa. Feb. 10, 2022) 

Arconic said metadata on a court's opinion suggested impropriety. The Federal judge in Pennsylvania confirms she wrote the opinions, however rejects the metadata claims. The Judge explained that metadata was from prior court opinions, which may have suggested they may have been written by someone else. The court reviewed the “Guidelines for Editing Metadata” released by the Administrative Office of the United States Courts.


Fast v. GoDaddy.com, LLC (D. Ariz. Feb. 2, 2022) 

Parties have an obligation to preserve relevant ESI from ephemeral messaging applications and other digital-age communication apps and information sources.


Even though ESI from these applications is dynamic and thus easily subject to modification or deletion, parties must take reasonable steps to retain such information after a duty to preserve triggers. Failure to take such steps can leave a responding party—plaintiff or defendant—vulnerable to data loss and sanctions.


Judge David Campbell, who led the Federal Civil Rules Advisory Committee that developed the Rule 37(e) amendments enacted in 2015, issued an adverse inference jury instruction against the plaintiff after finding she spoliated relevant Facebook Messenger and Telegram messages and other ESI.


Two Arrested for Alleged Conspiracy to Launder $4.5 Billion in Stolen Cryptocurrency

Two individuals were arrested last month in Manhattan for an alleged conspiracy to launder cryptocurrency that was stolen during the 2016 hack of Bitfinex, a virtual currency exchange, presently valued at approximately $4.5 billion. Thus far, law enforcement has seized over $3.6 billion in cryptocurrency linked to that hack.


Really...The IRS may be able to thwart ransomware

Ninety years after an IRS investigation ended Al Capone’s reign as America’s most notorious mobster, the tax agency holds promise in combating yet another seemingly unsolvable crime spree. This time, the IRS’ ability to trace dark money has made it a crucial partner to other federal agencies investigating ransomware gangs — a role it played last summer by helping the FBI seize millions of dollars in bitcoin from the hackers who had crippled the U.S. gasoline supply.


1010101001010111010101100010100101010010101


CYBER SECURITY TIPS OF THE MONTH: 

Mistakes That Shorten Your Laptop’s Life

There are actually plenty of ways you can make your machine last longer—by avoiding these common laptop practices that can cause it to die before its time.


You never turn it off - Leaving it on all the time means you aren’t getting the updates your computer needs. Systems need to “patches” to fix vulnerabilities or improve the software. Most of those patches don’t take effect unless you restart your computer. Shutting it down at least once a week, although more is even better.


Too many programs launch when you boot your computer up - If your Windows laptop has been running way too slowly, try hitting Ctrl + Shift + Esc to bring up Task Manager. Then Go to the Start-up tab to find a list of all the apps that open when you boot your laptop up and how much impact they have on the startup time. Right-click on any programs that you don’t use every day and click “Disable”. Note: It doesn’t mean it won’t run, it just means you have to manually start it... Next time you restart, you should notice that things are ready to go faster than ever. 

1010101001010111010101100010100101010010101

DON'T FORGET ABOUT US:

Digital4nx Group provides a blend of legal and technology services where we systematically identify, preserve, extract, analyze, and interpret digital evidence.


Our services are commonly used to:

  • React and respond by providing litigation support services for plaintiffs or defendants, as well as providing expert testimony and consulting, both in and out of court.
  • Proactively identify and provide insights on how to better secure your confidential data, technology, and compliance.

image

Cyber Security Services

Cyber incidents can be damaging to an organization, both in the short and long term. Digital4nx Group ​helps business leaders protect their “crown jewels” through reasonable, defensible, and cost-effective​ ​services... Before, During, and After a Data Incident! We offer a multi-disciplined approach to cyber services such as:


 

Comments