Posts Tagged: "cyber attacks"

On June 17, a bipartisan coalition of U.S. Senators, including Thom Tillis (R-NC), Sheldon Whitehouse (D-RI), Lindsey Graham (R-SC) and Richard Blumenthal (D-CT) reintroduced the International Cybercrime Prevention Act for consideration by the upper house of Congress. If passed, the bill would enact provisions giving additional power to law enforcement for seizing devices used for cyber attacks as well as create new criminal violations for individuals who knowingly engage in cyber attacks on critical national infrastructure.

Cybersecurity is a concern for any business operating in the digital age, but companies with strong intellectual property divisions have some very specific security issues to handle. A recent conference on the subject of Chinese theft of American IP featured comments from Federal Bureau of Investigations (FBI) Director Christopher Wray, who remarked that the FBI has been investigating about 1,000 alleged cases of IP theft from Chinese actors since the China Initiative was launched by the U.S. Department of Justice (DoJ) in late 2018. Statistics provided by the FBI at that conference showed that technology theft cases involving China grew rapidly between 2008 and 2012, after which a steady rise has continued through 2020.

This week on Capitol Hill, the Democrat-controlled House of Representatives has planned a number of hearings on climate change and antitrust matters, especially where the T-Mobile/Sprint merger is concerned. In the Senate, cybersecurity takes center stage at the Senate Homeland Security and Energy Committees. Elsewhere in Washington, D.C., the Brookings Institution got the week started early with a look at the impacts of artificial intelligence on urban life; Inventing America hosts a half-day event looking at current issues in the U.S. patent system; and the Information Technology & Innovation Foundation examines the future of autonomous vehicles in the freight industry.

This week on Capitol Hill, the House of Representatives will host almost every hearing that will relate to technology and innovation, including three hearings originally scheduled for last week but moved due to the national day of mourning for former President George H. W. Bush. Hearings in the House will focus on topics including advanced fuels for next generation engines, efforts to speed the development of innovative medical treatments, legislation for freeing up broadband Internet spectrum for public use and government IT acquisition processes. Over in the Senate, there will be a hearing in the middle of the week on Chinese espionage that will explore how entities in that country have been involved in cyberattacks and Internet piracy against American targets.

Ransomware attacks are on the rise, partly because of the ease and anonymity of crypto-currencies. In a typical ransomware attack, cyber criminals invade a computer system and encrypt key data, then threaten to destroy the data unless the victim pays the criminal a relatively minor sum (ranging from hundreds to thousands, or in rare cases, tens of thousands of dollars). Rather than trying to determine whether to agree to ransom terms, spend your time and energy preparing for an attack. Companies should consider a ransomware attack as you would any other cybersecurity breach. That is, it is going to happen, the only question is when. Sound preparation boils down to several key considerations.

Several weeks ago, the House Small Business Committee held a hearing titled ZTE: A Threat to America’s Small Businesses to explore the economic and national security threats posed by the Chinese telecommunications equipment and systems firm ZTE. The day’s discussion focused on ways that American small businesses could protect themselves from ZTE specifically and Chinese-backed entities more generally as well as the mixed signals being sent by the administration of President Donald Trump regarding ZTE.

On the morning of Thursday, July 19th, the House Permanent Select Committee on Intelligence held a hearing titled China’s Threat to American Government and Private Sector Research and Innovation Leadership. The day’s hearing was dedicated to discuss strategies, both legal and illicit, which are employed by the Chinese government and designed to gain a competitive advantage over the United States.

SafeBreach recently announced the issuance of three U.S. patents in the field of breach and attack simulation. This news follows weeks after SafeBreach closed a $15 million series B round of funding involving backing from major payment solutions firm PayPal.

Chinese toymaker VTech recently settled charges with the FTC in the first-ever case involving internet-connected toys. VTech became a victim of cyber attackers back in 2015, when hackers got access to the company’s online database and compromised accounts of over 11 million, which included data for about 6.37 million children… Today, the key to compliance when dealing with IoT is to “know thyself,” Bahar explained. In other words, take the time to understand what truly is in these smart components, not only from a technical perspective but a legal one. In addition, make sure to make good on your promises. If you tell consumers that you are protecting their data or their privacy in certain ways, make sure you are making good on that commitment.

Cyber crimes and data breaches have become far too widespread in the recent times. Technological progress has taken the risk to new levels, with newer techniques to exploit vulnerable organizations, corporations and governments being discovered every day… A considerable number of organizational respondents to the survey, approximately 32%, reported being affected by cyber crime. Nearly 34% felt that they would be affected within the next 2 years. While 61% of the top executives feared cyber attacks, only 37% of organizations claimed to have a cyber incident response plan in place. Obviously, this represents a significant disconnect between the level of fear and the level of preparedness in the industry.

Cybercrime seemed to be in the news daily in 2016. From the hack of the Democratic National Committee email accounts to the massive data breaches suffered by large technology companies, a major restaurant chain, and numerous government agencies, the news seemed inundated by a steady stream of high profile cybercrime. What is in store for 2017? Given the proliferation of electronic devices and data in our society, we can reasonably expect cases of cybercrime to continue to increase in number and complexity in the new year.

Over the past few years we have seen a surge in cyber attacks against well-known organizations, each seemingly larger than the last. As cybercriminals look for innovative ways to penetrate corporate infrastructures, the challenges for brand owners to protect their IP has steadily grown… Most organizations have implemented stringent security protocols to safeguard their IT infrastructure, but conventional security measures don’t provide the critical intelligence needed to analyze cyberattacks that propagate in the Deep Web and Dark Web. It is fundamentally harder to navigate a medium where web pages are unindexed and anonymity can hide criminal activity.

High value information—identified as trade secrets, IP mappings, product designs, financial data, confidential business information and similar files and documents—require an extra level of protection because of their value to cybercriminals and malicious insiders. The last thing an organization wants to do is make the theft of high value information easier by leaving vulnerability gaps in security practices. A malicious actor will exploit those each and every time.

In July, Kilpatrick Townsend and Ponemon Institute released their findings from The Cybersecurity Risk to Knowledge Assets study, which confirmed most companies’ worst fears — their intellectual property is at risk every day, and theft is rampant. The 600 survey respondents also disclosed that most companies are unsophisticated when it comes to identifying their key intellectual property (particularly trade secrets) and protecting that adequately. And, most surprisingly, the expected costs associated with loss of these important assets was estimated by nearly seven out of ten respondents to total more than $100 million.