June Cyber update from the Office of Rob Kleeger
Jun 15, 2023 7:15 pm
I hope you are enjoying your late spring and enjoying the seasonal weather before it gets too hot and humid.
For those whom I haven't heard from in a while, my bad!
Please do reach out to catch up.
Rob Kleeger
1010101001010111010101100010100101010010101
Words of Wisdom:
“Smart people focus on the right things.”
- Jensen Huang, CEO of Nvidia
1010101001010111010101100010100101010010101
CURRENT DATA SECURITY NEWS:
May was a solid month for the US Data Privacy laws being enacted, as Indiana, Iowa, and Tennessee all passed state privacy laws. They join California, Colorado, Connecticut, Utah, Montana, and Virginia. In Indiana, Iowa, and Tennessee, there is no private right of action, which means it will be up to the states to enforce the laws.
Pharmaceutical Giant Eisai Takes Systems Offline Following Ransomware Attack
Eisai is the latest drugmaker to be hit with a ransomware attack. The Japanese company said it “immediately” set up a company-wide task force after suffering a cyberattack Saturday night. Now, it's working to respond with external experts and law enforcement officials, Eisai said in a statement.
The possibility of data leaks is currently under investigation, the company said. Eisai expects it will take “some time to gauge the full extent of the incident.”
2023 Verizon Data Breach Investigations Report Recap: Socially-Engineered BEC Attacks Doubled Over the Past Year
Business email compromise (BEC) continues to be a major security threat to organizations, with a reported loss of $2.7 billion in 2022 alone. This type of cybercrime happens when a threat actor impersonates a reliable source, usually an executive, colleague, supplier, or partner, in order to steal money or sensitive information. As these emails usually lack malicious links or attachments, they are hard to identify with traditional email security measures, making companies vulnerable to attack.
Socially-engineered BEC attacks, specifically, have seen a startling increase over the past few years. This trend is illustrated by Verizon’s 2023 Data Breach Investigations Report, which shows that BEC attacks have doubled over the past year—comprising nearly 60% of social engineering incidents. The report is based on an analysis of 16,312 security incidents and 5,199 breaches over the past year.
When it comes to email threats, your workforce is your biggest liability. Employees must be accurate 100% of the time in identifying attacks, while cybercriminals only need to find one distracted or untrained employee, and they know it. The vast majority of data breaches occurring since 2021 have involved the human element in some form or another—human error, privilege misuse, use of stolen credentials, or social engineering. According to Verizon’s DBIR team, 74% of all breaches include the human element.
Cybercriminals often rely on using stolen credentials and take advantage of known vulnerabilities to gain access to a company's network.
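Because a BEC lure usually carries no link or attachment, URL and attachment filters have nothing to catch; what remains are the headers and the wording. The script below is an added example (not from this newsletter or from Verizon) of the kind of header-and-content triage a mail-security team can layer on top of those filters. The organization domain example.com, the executive names, and the two sample messages are all constructed for the example.

```python
"""Heuristic BEC triage over raw email headers (added example, not from the newsletter).

Assumptions (constructed for this example): the organization's domain is
example.com, and the protected executive names below are made up.
"""
from email import message_from_string
from email.utils import parseaddr

# Constructed configuration: the organization's own domains and the people who
# are most often impersonated in BEC lures (executives, finance staff).
ORG_DOMAINS = {"example.com"}
PROTECTED_NAMES = {"jane doe", "john roe"}  # made-up executive names
URGENCY_TERMS = ("urgent", "wire", "gift card", "immediately", "confidential")


def _domain(addr: str) -> str:
    """Return the lowercase domain part of an email address ('' if none)."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def _edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot lookalike domains (examp1e.com)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def bec_indicators(raw_message: str) -> list[str]:
    """Return the list of BEC indicators found in one RFC 822 message."""
    msg = message_from_string(raw_message)
    from_name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    from_dom = _domain(from_addr)
    reply_dom = _domain(reply_addr)
    findings = []

    # 1. Display name of a protected person, but the address is not ours.
    if from_name.strip().lower() in PROTECTED_NAMES and from_dom not in ORG_DOMAINS:
        findings.append(f"display-name impersonation: '{from_name}' from {from_dom}")

    # 2. Lookalike domain in From or Reply-To: one or two edits from our domain.
    for dom in (from_dom, reply_dom):
        for org in ORG_DOMAINS:
            if dom and dom != org and _edit_distance(dom, org) <= 2:
                findings.append(f"lookalike domain: {dom} ~ {org}")

    # 3. Reply-To points somewhere other than the sender's domain, so replies
    #    (and any invoice or wire details) are diverted to another mailbox.
    if reply_dom and reply_dom != from_dom:
        findings.append(f"reply-to mismatch: {from_dom} -> {reply_dom}")

    # 4. Pressure language typical of payment-diversion requests.
    body = msg.get_payload(decode=True) or b""
    text = (msg.get("Subject", "") + " " + body.decode("utf-8", "replace")).lower()
    hits = [t for t in URGENCY_TERMS if t in text]
    if hits:
        findings.append("urgency/payment language: " + ", ".join(hits))
    return findings


def triage(raw_message: str) -> str:
    """Route a message to human review when two or more indicators fire."""
    return "review" if len(bec_indicators(raw_message)) >= 2 else "pass"


# Constructed sample: a lure with no link and no attachment, the case where
# URL and attachment filters alone have nothing to act on.
SAMPLE_LURE = """\
From: Jane Doe <jane.doe@gmail.com>
Reply-To: Jane Doe <ceo.janedoe@examp1e.com>
To: accounts.payable@example.com
Subject: Urgent wire request

Are you at your desk? I need a wire sent immediately. Keep this confidential.
"""

# Constructed sample: ordinary internal mail from the real executive.
SAMPLE_BENIGN = """\
From: Jane Doe <jane.doe@example.com>
To: accounts.payable@example.com
Subject: Q3 planning

Let's find time next week to review the budget.
"""

if __name__ == "__main__":
    for label, raw in (("lure", SAMPLE_LURE), ("benign", SAMPLE_BENIGN)):
        print(label, triage(raw), bec_indicators(raw))
```

The threshold of two indicators is deliberate: any single signal (a personal Gmail address, an urgent subject line) is common in legitimate mail, so the rule is meant to route suspicious messages to a reviewer or to an out-of-band verification step (a phone call to the named executive), not to block on its own.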
1010101001010111010101100010100101010010101
CURRENT LEGAL CASE UPDATES:
Pending Amendments to the Federal Rules
The Federal Committee on Rules of Practice and Procedure (the “Standing Committee”) has posted pending amendments to the federal appellate rules, bankruptcy rules, civil rules, criminal rules, and evidence rules. The proposals were transmitted to Congress by the Chief Justice on April 24, 2023.
QUICK SUMMARY OF THREE PROPOSED AMENDMENTS
Three changes were summarized by the Standing Committee.
- Rule 702 regarding expert testimony will be amended: “The proposed amendments to Rule 702’s first paragraph and to Rule 702(d) are the product of Advisory Committee work dating back to 2016. As amended, Rule 702(d) would require the proponent to demonstrate to the court that ‘the expert’s opinion reflects a reliable application of the principles and methods to the facts of the case.’”
- The “rule of completeness” in Fed.R.Evid. 106 will be amended to “allow any completing statement to be admitted over a hearsay objection and would cover all statements, whether or not recorded.”
- The sequestration rule, Fed.R.Evid. 615, “would limit an exclusion order under the existing rule to the exclusion of witnesses from the courtroom, and would add a new subdivision (b) that would provide the court discretion to issue further orders prohibiting excluded witnesses from accessing or being provided with trial testimony.”
The GPTJudge: Justice In A Generative AI World
By Maura Grossman, Paul W. Grimm, Daniel G. Brown, and Molly (Yiming) Xu.
The unprecedented progress in AI technology is provoking profound challenges for litigants, attorneys, and the courts, especially concerning the authentication of AI-produced evidence. In this area, the authors suggest a potential surge in litigation expenses as parties may increasingly resort to forensic experts to examine AI-generated evidence. This pivotal analysis is scheduled for publication in Vol. 23, Iss. 1 of Duke Law & Technology Review (October 2023).
What do these three cases have in common?
- McCormick & Co. v. Ryder Integrated Logistics, Inc., No. JKB-22-0115, 2023 WL 2433902 (D. Md. March 08, 2023)
- Carl Zeiss Meditec, Inc. v. Topcon Med. Sys., Inc., No. 19-cv-04162-SBA(LB), 2022 WL 2394815 (N.D. Cal. July 1, 2022)
- In the Matter of In Re Skanska USA Civil Southeast Inc., No. 3:20-CV-05980-LC/HTC, 2021 WL 2515645 (N.D. Fla. Aug. 23, 2021)
When parties establish requirements in their ESI protocols that they later cannot fulfill, that's a big problem. The three recent case opinions above show how negatively courts respond to such situations.
In #1, the district court pointed out how “the parties agreed to this review [of the documents] by the plain language of the ESI Protocol” and that the parties “clearly took [the proportionality factors under Federal Rule of Civil Procedure 26(b)] into account, finding that the costs of the review were proportional to the needs of the case.” The court also noted that “this conclusion is particularly appropriate where, as here, there appears to be a large volume of potentially responsive documents due to an error by [the plaintiff] whereby the documents of a key custodian were deleted despite a litigation hold.”
In #2, the magistrate judge ordered Defendant Topcon to review and produce the files and denied its request for attorney fees related to this supplemental production. In doing so, the magistrate judge pointed to the ESI Protocol’s requirement for document productions to include “all metadata, including family files.”
In #3, the magistrate judge found this situation to be “a textbook case of spoliation.” The magistrate judge noted Skanska’s failure to preserve mobile device data and text messages even as the case proceeded through significant events, including Skanska’s designation of in-house counsel to address the issues in this case, the claimants’ initial filing of the suit, and the receipt of claimants’ first requests for production of documents.
Noting the seven months that lapsed between Skanska’s issuance of a related litigation hold and the start of its collection of mobile device data from the identified custodians, the magistrate judge found that “the lack of any cogent explanation for these failures, other than ‘oops,’ points to one answer – Skanska acted in bad faith.” However, the magistrate judge declined to order terminating sanctions against Skanska, instead finding “the lesser sanctions of an adverse inference and monetary sanctions to be appropriate.”
For nearly two decades, I've been helping attorneys and clients resolve electronic discovery issues early in legal proceedings, helping parties negotiate ESI protocols that define the required formats of production, outline the scope of record preservation required for the matter, and address key issues regarding privilege, confidentiality, and other key discovery considerations.
1010101001010111010101100010100101010010101
CYBER SECURITY TIPS OF THE MONTH:
- Think - Before You Click, Before You Wire, Before You Enter Your Credentials
- Use Strong and Varied Passwords - Use a Password Manager like KeePass, LastPass, 1Password, Dashlane, and Roboform
- Keep Your Systems Updated - What was secure yesterday may become insecure tomorrow. Patch early and often.
- Don’t Use Public WiFi without a VPN - As more people are traveling overseas, I often advise those who have no other choice but to use public WiFi to use a VPN
- Before or when $hit hits the fan, remember to call Rob Kleeger, he's your man.
1010101001010111010101100010100101010010101
DON'T FORGET ABOUT US:
Digital4nx Group provides a blend of legal and technology services where we systematically identify, preserve, extract, analyze, and interpret digital evidence.
Our services are commonly used to:
- React and respond by providing litigation support services for plaintiffs or defendants, as well as providing expert testimony and consulting, both in and out of court.
- Proactively identify and provide insights on how to better secure your confidential data, technology, and compliance.
Cyber Security Services
Cyber incidents can be damaging to an organization, both in the short and long term. Digital4nx Group helps business leaders protect their “crown jewels” through reasonable, defensible, and cost-effective services... Before, During, and After a Data Incident! We offer a multi-disciplined approach to cyber services such as:
- Advanced “Ethical Hacking”
- Cyber Risk and Compliance Assessments
- Incident Response to Cyber Incidents or Data Breaches
- Cyber Security Awareness Training
- CISO-as-a-service