Posts Tagged ‘Cyber’

Federal Court ruling on CGL covering a data breach


On Monday a Federal appeals court in Virginia upheld a lower federal court ruling that held a Commercial General Liability (CGL) may in fact cover a data breach.  The legal battle involves the Personal Injury insuring agreement and the coverage under the Personal Injury coverage part is often ambiguous. 

In the underlying case, The Travelers Indemnity Company of America was required to provide a defense for its insured, Portal Healthcare Solutions, LLC, for an underlying data breach class action filed against Portal by customers whose private medical information was posted on the intranet. 

Read more…

Wind farms act as an entry point for grid hackers

December 8, 2015 Leave a comment

clean-energy-hackCyber-attacks are often thought of with the association of some large breach such as Target or Anthem. However, hackers are not just targeting credit card information and social security numbers; some are persistently targeting our nation’s infrastructure.

What many people may not know is that grid power control systems are interconnected, via the web. While the grid has various cyber protection mechanisms in place, any vulnerability within a single wind farm’s cybersecurity can serve as a gateway for hackers to systems that control larger portions of the grid. For example, high voltage power lines transfer enormous amounts of power over large distances, making them a prime target for hackers to infiltrate. Read more…

Safe Harbor exchange between EU and US data deemed invalid

p2pThe European Union’s highest court, the Court of Justice (CJEU), ruled on October 6, 2015 that the EU-US Safe Harbor Agreement is invalid, effective immediately. The agreement was a voluntary self-certification system that permitted over 4,000 eligible U.S. companies to receive the personal data of Europeans if they publicly agreed to treat the data according to the Safe Harbor Principles. After being deemed invalid, however, the agreement no longer provides a basis for transferring personal data from the EU to the U.S.

While data protection advocates praised the court’s decision, industry executives and trade groups claim that it left a lot of uncertainty for companies that rely on access to this data for lucrative businesses such as online advertising. Read more…

The new ransom: cyber extortion

October 8, 2015 1 comment

cyber_extortionA cybersecurity issue that many companies fail to prepare for or even consider is cyber extortion, especially distributed denial of service (DDoS) threats involving ransom demands. Such attacks are intended to impede a victim’s capability to conduct business online until the ransom is paid. Hackers have not abandoned traditional data breaches however, these incidents are not as lucrative because the black market for credit card and Social Security data is over saturated. Any company or organization, regardless of size, is at risk and should consider what’s at stake if they are threatened with a cyber extortion claim. Confirmed victims of cyber extortion include everything from police departments to fortune 500 hundred companies. Read more…

Concerns after hackers target corporate data to commit securities fraud

August 25, 2015 Leave a comment

stock_arrowsOn Wednesday August 12, both The Wall Street Journal and New York Times reported on what most believe is the first case in which hackers used stolen corporate data to initiate securities fraud in conjunction with stock traders. More troubling are concerns that it’s likely just the tip of the iceberg, and that it came from a five-year long “unholy global alliance” between overseas hackers and U.S. based traders.

As Paul Fishman, the U.S. District Attorney for New Jersey notes, “This is the intersection of hacking and securities fraud. The hackers were relentless and patient.” It’s estimated that 32 traders and hackers took in over $100M in illegal proceeds via this highly sophisticated and bold scheme. Those involved gained a big advantage over others in the stock market by securing access to news releases, then trading on their information before they hit the wires.  Read more…

Examining the rewards and risks of wearable tech

July 28, 2015 1 comment

wearable_techThe important role of technology in our daily lives continues to grow and is now being fueled by the development of smaller more personal devices. Wearable technology are small, electronic devices designed to track and collect data for various purposes – ranging from smart watches and fitness monitors, to full desktop experiences offered by smart glasses. According to a PwC report entitled The Wearable Future, twenty percent of Americans already own a wearable device and this number is expected to rise, with most users utilizes these devices to record exercise efficiency (81%), track dietary and medical info (71%), and for notifications on deals on retail purchases (51%).

The market for wearable tech is expected to expand with a jump from $5 billion in 2014 to over an estimated $12 billion by 2018, according to Statista. There is no denying the significant influence these wearable devices have on how we live and work, however as is the case with many forward-thinking innovations, along with the rewards of advancement also comes some risksRead more…

The New York Stock Exchange network crash — a false sense of (cyber) security?

stocksMost people were relieved when investigators determined that the recent electronic disruptions at the New York Stock Exchange and United Airlines were caused by internal glitches and not by hackers. The NYSE system crash, caused by a faulty software upgrade, and the United Airlines outage, caused by a faulty router, received great attention as pictures of (and tweets by) idle traders and travelers appeared seemingly everywhere.

Because they involved computers and networks, these outages were discussed by the media with the vocabulary normally used to describe “cyber” events. That’s not surprising, given the initial fear that the NYSE crash in particular was caused by hacking. Read more…