Articles Posted in Cybersecurity

We’ve already described the definition of doxing in the prior article. We will turn to the various doxing methods and relevant laws. Doxing works by tracking someone’s information by accessing the internet or other databases. Big data has allowed individuals to extract personal information which was impossible to find in the past. Nowadays, the doxing party can track usernames, run a WHOIS search on a domain or website, engage in phishing activities, look into social media profiles, go through state/federal government records, tracking an Internet Protocol (“IP”) address, or conduct a reverse phone number lookup. The doxing party can also engage into what is referred to as “packet sniffing” which can be prevented by using a virtual private network.

The doxing party (i.e., culprit) can release the victim’s sensitive or personal information on the internet and instruct others to harass or intimidate the victim. There have been instances of such transgressions in recent years. For example, a popular adult dating website was hacked and the users’ private information was released into the web. Obviously, this incident was embarrassing for the adult dating website and its members. There have been other incidents where the victim had engaged in questionable conduct and was targeted on the internet.

Is doxing illegal?

The question is what is doxing and what are the laws? Doxing, which is short for dropping documents, takes place when the malicious actor gathers personally identifiable information and publicly discloses it to annoy, harass, intimidate, or stalk the victim for no legitimate purpose. The malicious actors engage in these types of activities to publicly humiliate or target their victims. For example, they may intentionally identify law enforcement personnel or show off their hacking abilities.

How does doxing work?

The malicious actors utilize different techniques for their doxing activities. They can hack, social engineer, or steal personal and confidential information. They can gain access to the victim’s email account and extract private information from the victim’s account. They can break into web-based accounts such as social media, cloud storage, or bank records. They can also use the same email address and password to gain access to other accounts. There have been incidents where the malicious actors used the victim’s Department of Homeland Security username and password to gain access to its network.

Augmented and virtual realities are cutting-edge technologies that are changing the world. Now, with that comes a significant amount of legal issues such as cybersecurity, privacy and regulations at the state, federal, and international levels.

Augmented reality (“AR”) technology is currently being used by several companies such as Nintendo, IKEA, Instagram and Snapchat. Virtual reality (“VR”) technology has been used by companies such as Oculus Rift, PlayStation, and HTC Vive.

The courts have been grappling with online or offline violations for many years. Now, with the advent with these technologies, they will be facing new issues related to online or e-commerce transactions. The question is how will the courts deal with street crimes in the virtual world? What if a known or unknown individual engages in “indecent exposure” or “virtual groping” against another person? What if the culprit commits a tort (e.g., negligence, invasion of privacy, intentional infliction of emotional distress) against the victim in the AR/VR world? What if the victim’s privacy is invaded by spreading his or her intimate pictures or videos towards unauthorized parties?

Our law firm’s attorneys have been able to manage unexpected data breaches since they take place on a regular basis. Our legal team and group of technology experts have implemented specific protocols to mitigate the damages. One of the most important factors is assessing your company’s security weaknesses which may include proper training of all personnel including full/part-time employees and independent contractors. Training is a key factor and should be conducted in a methodical manner. The information technology department should implement the procedures for setting up personnel training sessions.

The first step is to setup a framework for proper incident responses. Then, incident notification procedures should be published for all personnel and should be part of the hiring process. The company should be able to validate the data breach by examining the information. All sensitive and confidential documents (e.g., trade secrets) should be protected and preserved on a regular basis. The incident response team should immediately investigate and monitor the breach. The company should mitigate the damages by securing electronic devices and the stored information. Also, the company should ensure the existing encryption software is functional, and if not, it should be replaced with another type of encryption software. The data owners should be formally notified since their information has been affected by the data breach. In most cases, law enforcement officials should be notified about the data breach. Finally, the company should assess and improve its data breach and incident response plans to avoid similar problems in the future.

Any organization that collects, stores, or manages sensitive or confidential information is susceptible to cyberattacks. Therefore, it must setup and manage a proper incident response plan. It must be able to engage in preventive and reactive measures such as proper data retention policies. The chain of custody in preserving information is a key factor. So, the data must be located, identified, and protected to avoid unnecessary complications. Data protection and preservation are key components from a legal perspective. The organization should have access to legal counsel to prepare for potential legal actions. The legal team should work closely with the Incident Response Team (“IRT”) to protect confidential client information such as medical or financial records. This way, the attorney-client privilege can be properly established by them.

Data breach incidents require a quick response from the information technology team and their experts. They are responsible for investigating the incident, notifying the affected parties, and contacting law enforcement agencies. The business operations should not be interrupted by these data breach incidents which is a difficult task. In other words, business continuity is one of the main complications that the targets face in these situations.

The hackers use various methods to infiltrate and extract valuable information such as trade secrets and private or confidential information. This information should be protected by using suitable methods. The private and confidential information should be stored on internal and external storage devices. They should be backed up on a regular basis and protected by using encryption technologies. We recommend using strong encryption algorithms which meet the minimal technical requirements that can be implemented by a qualified technology expert. This is important since the confidential information that can be stolen may include sensitive corporate, medical, and financial records. So, obviously, there are mandatory notification protocols in every jurisdiction.

California Civil Code Sections 1798.29(a) and 1798.82(a) require a business or state agency to notify any California resident whose unencrypted personal information was acquired or reasonably believed to have been acquired by an unauthorized person.

Data breach and incident response protocols are important when there is a breach within an organization’s computer systems. Our law firm has assisted clients with data breaches which can occur as a result of insider threats, hacking intrusions, credit card payment breaches, and medical record breaches.

Data privacy and cybersecurity are key components that could be implemented at the network level of each organization as preventive measures. The information technology department should properly review the computer systems and implement the proper software and hardware applications. The information technology staff should install a firewall system that can monitor network traffic. It can also implement an Intrusion Detection System (“IDS”) that monitors network traffic and prevent unauthorized transactions.

These incidents have a national and international component to them since they can take place from anywhere. The hackers can be anywhere in the world when they target victims. They usually utilize sophisticated tools and resources to initiate the attacks. For example, they use social engineering and phishing to obtain personal information by impersonating a trusted source. They can use malware injecting devices, missing security patches, password cracking, and Distributed Denial-of-Service (“DDos”) attacks. The hackers steal secrets by using sophisticated tools and methods. There have been multiple incidents where the hackers infiltrated small and large companies to extract personal and confidential information such as trade secrets (e.g., patents, trademarks, copyrights), social security numbers, credit card numbers, medical records, and bank account records. The hackers can use a “back door” which is a secret pathway they use to enter the computer system. They can use a “buffer overflow” which is when malicious commands are delivered to the computer system by overrunning the application buffer. The denial-of-service attack is another method that is used to shut down the computer system. The hackers have been known to use “email worms” which includes a virus script that is transferred to the victim via an email message. Now, the hackers can gain computer “root access” which grants them complete control. The “root kit” is a group of tools that can be used to expand and disguise the hacker’s control over the computer system. The other tools that can be used by hackers include script kiddies, session hijacking, and trojan horses.

Ransomware is used to infiltrate and lock the victim’s computer system in exchange of money. This type of malicious software (a/k/a “malware”) can cause substantial disruptions in an individual’s and a company’s business operations. It is usually caused when the unsuspecting victim clicks on a link to open an attachment or clicks on an advertisement or uniform resource locator to visit a third-party’s website that is embedded with the malware. The culprits usually request some form of ransom in order to decrypt the files. They will, and usually do, threaten the victim to either sell or leak the sensitive or confidential information if the ransom is not paid in time. There have been demands of up to or more than one-million dollars in recent years so the impact can be significant.

Ransomware can cause a “system lock” when the malware is unleashed on the computer or network system. This, in essence, will encrypt sensitive or confidential files on local or attached hard drives or other storage units. It is difficult to determine when or how the hackers infiltrated the system but the victim usually finds out when the computer systems are locked and inaccessible.

Technology experts recommend training yourself and your employees on a regular basis. This way, they will know what to look for and how to avoid these cybersecurity incidents. It’s important to have a regular backup of sensitive and confidential files and store the backup files in a secure location. We usually recommend storing them in local and remote locations. It is recommended to restrict user privileges such as permissions to install and execute software applications. Technology experts recommend enabling strong spam filters to prohibit phishing emails. They also recommend properly configuring the firewall to block access to known malicious Internet Protocol addresses. It’s also crucial to update the operating system and software applications on a regular basis according to law enforcement agencies.

Quantum computers will probably take over the various technology industries in the near future. It is called the “Fourth Industrial Revolution” and it will change the way we use and experience technology. These superfast computers have an extremely powerful computing power that is unmatched by traditional computers. Its technology is based on quantum physics. It will arguably disrupt many industries and will have a direct impact on cybersecurity and privacy. Quantum computers use “quantum bits” or “qubits” which can have multiple properties (i.e., they can be both 0 and 1 simultaneously) and can store electronic information. In other words, they can be in two states at one time which is called “superposition” by the experts. However, they are susceptible to distortion and therefore proper error correction is important.

The large technology companies such as IBM, Google, Intel, and Microsoft have invested a significant amount of their resources. In fact, IBM Quantum is an organizational initiative to build universal quantum computers to solve complex problems with its supercomputers. So, once this type of technology becomes more prevalent, other manufacturers will follow a similar path.

Cybersecurity will be directly impacted by these supercomputers because it will allow their owners or operators to infiltrate the target’s defense mechanisms. It may take a traditional computer a longer time to decipher strong passwords and hack into a computer network system. As such, the owners or operators of quantum computers will have a significant advantage when it comes to these procedures. Cybersecurity and privacy will be major concerns due to the nature of these supercomputers as they can potentially disrupt multiple industries. We know that electronic information can be protected by algorithms. Now, quantum algorithm is referred to as “Shor’s algorithm” which gives quantum computers a higher capability to decrypt information.

Quantum computers will be more prevalent in the coming years as technology advances and they become more affordable. Quantum computers function differently than traditional computers. They are faster and much more efficient when compared to traditional computers. Today’s traditional computers use digital bits which represent zeros and ones – i.e., they must be either on or off for computing process. However, quantum computers operate by using qubits which can store digital information and have several properties. In essence, they can make instantaneous calculations that can take a traditional computer several years. Quantum computers can resolve industrial problems that can take traditional computers a longer time.

What are the applicable technologies and legal problems?

The advantage of having access to quantum computers can be significant. This is because, for example, a company that has access to these exponentially-advanced electronic devices can decrypt a sophisticated program within minutes and threaten the victim’s privacy rights. In other words, it could carry a potential invasive power that would be unmatched by traditional computers. Encryption technology is being used to protect sensitive information. There is “symmetric” and “asymmetric” encryption technology that is being used in the market.