Articles Posted in Internet Law

Data breach and incident response protocols are important when there is a breach within an organization’s computer systems. Our law firm has assisted clients with data breaches which can occur as a result of insider threats, hacking intrusions, credit card payment breaches, and medical record breaches.

Data privacy and cybersecurity are key components that could be implemented at the network level of each organization as preventive measures. The information technology department should properly review the computer systems and implement the proper software and hardware applications. The information technology staff should install a firewall system that can monitor network traffic. It can also implement an Intrusion Detection System (“IDS”) that monitors network traffic and prevent unauthorized transactions.

These incidents have a national and international component to them since they can take place from anywhere. The hackers can be anywhere in the world when they target victims. They usually utilize sophisticated tools and resources to initiate the attacks. For example, they use social engineering and phishing to obtain personal information by impersonating a trusted source. They can use malware injecting devices, missing security patches, password cracking, and Distributed Denial-of-Service (“DDos”) attacks. The hackers steal secrets by using sophisticated tools and methods. There have been multiple incidents where the hackers infiltrated small and large companies to extract personal and confidential information such as trade secrets (e.g., patents, trademarks, copyrights), social security numbers, credit card numbers, medical records, and bank account records. The hackers can use a “back door” which is a secret pathway they use to enter the computer system. They can use a “buffer overflow” which is when malicious commands are delivered to the computer system by overrunning the application buffer. The denial-of-service attack is another method that is used to shut down the computer system. The hackers have been known to use “email worms” which includes a virus script that is transferred to the victim via an email message. Now, the hackers can gain computer “root access” which grants them complete control. The “root kit” is a group of tools that can be used to expand and disguise the hacker’s control over the computer system. The other tools that can be used by hackers include script kiddies, session hijacking, and trojan horses.

Ransomware is used to infiltrate and lock the victim’s computer system in exchange of money. This type of malicious software (a/k/a “malware”) can cause substantial disruptions in an individual’s and a company’s business operations. It is usually caused when the unsuspecting victim clicks on a link to open an attachment or clicks on an advertisement or uniform resource locator to visit a third-party’s website that is embedded with the malware. The culprits usually request some form of ransom in order to decrypt the files. They will, and usually do, threaten the victim to either sell or leak the sensitive or confidential information if the ransom is not paid in time. There have been demands of up to or more than one-million dollars in recent years so the impact can be significant.

Ransomware can cause a “system lock” when the malware is unleashed on the computer or network system. This, in essence, will encrypt sensitive or confidential files on local or attached hard drives or other storage units. It is difficult to determine when or how the hackers infiltrated the system but the victim usually finds out when the computer systems are locked and inaccessible.

Technology experts recommend training yourself and your employees on a regular basis. This way, they will know what to look for and how to avoid these cybersecurity incidents. It’s important to have a regular backup of sensitive and confidential files and store the backup files in a secure location. We usually recommend storing them in local and remote locations. It is recommended to restrict user privileges such as permissions to install and execute software applications. Technology experts recommend enabling strong spam filters to prohibit phishing emails. They also recommend properly configuring the firewall to block access to known malicious Internet Protocol addresses. It’s also crucial to update the operating system and software applications on a regular basis according to law enforcement agencies.

Quantum computers will probably take over the various technology industries in the near future. It is called the “Fourth Industrial Revolution” and it will change the way we use and experience technology. These superfast computers have an extremely powerful computing power that is unmatched by traditional computers. Its technology is based on quantum physics. It will arguably disrupt many industries and will have a direct impact on cybersecurity and privacy. Quantum computers use “quantum bits” or “qubits” which can have multiple properties (i.e., they can be both 0 and 1 simultaneously) and can store electronic information. In other words, they can be in two states at one time which is called “superposition” by the experts. However, they are susceptible to distortion and therefore proper error correction is important.

The large technology companies such as IBM, Google, Intel, and Microsoft have invested a significant amount of their resources. In fact, IBM Quantum is an organizational initiative to build universal quantum computers to solve complex problems with its supercomputers. So, once this type of technology becomes more prevalent, other manufacturers will follow a similar path.

Cybersecurity will be directly impacted by these supercomputers because it will allow their owners or operators to infiltrate the target’s defense mechanisms. It may take a traditional computer a longer time to decipher strong passwords and hack into a computer network system. As such, the owners or operators of quantum computers will have a significant advantage when it comes to these procedures. Cybersecurity and privacy will be major concerns due to the nature of these supercomputers as they can potentially disrupt multiple industries. We know that electronic information can be protected by algorithms. Now, quantum algorithm is referred to as “Shor’s algorithm” which gives quantum computers a higher capability to decrypt information.

Quantum computers will be more prevalent in the coming years as technology advances and they become more affordable. Quantum computers function differently than traditional computers. They are faster and much more efficient when compared to traditional computers. Today’s traditional computers use digital bits which represent zeros and ones – i.e., they must be either on or off for computing process. However, quantum computers operate by using qubits which can store digital information and have several properties. In essence, they can make instantaneous calculations that can take a traditional computer several years. Quantum computers can resolve industrial problems that can take traditional computers a longer time.

What are the applicable technologies and legal problems?

The advantage of having access to quantum computers can be significant. This is because, for example, a company that has access to these exponentially-advanced electronic devices can decrypt a sophisticated program within minutes and threaten the victim’s privacy rights. In other words, it could carry a potential invasive power that would be unmatched by traditional computers. Encryption technology is being used to protect sensitive information. There is “symmetric” and “asymmetric” encryption technology that is being used in the market.

Artificial intelligence technologies have been used to enhance deepfake campaigns. Deepfake is defined as synthetic media where a real person’s image is replaced with someone else’s likeness. It can be used to create an artificial video of another person and make it look real. It has been used to create celebrity porn videos, revenge porn, or fake news. It uses deep learning artificial intelligence software to create a fake picture or video. So, in essence, it can threaten valid and truthful information by publishing false or inaccurate information.

The technology that permits the creation of deepfake is “deep neural networks” which is one kind of artificial intelligence algorithm that finds large data set patterns. The neural-network structure that is generally used is the “autoencoder” which comprises of an encoder and decoder. The encoder compresses the image to a smaller size and the decoder decompresses the image back to the original size. A similar technology is the VFX which has been used by movie studios for visual effects. However, at the present time, a similar and less expensive technology is available.

There can be problems with deepfake technologies. For example, it’s been used to create fake images or videos of well-known individuals. This, in and of itself, can create legal issues such as defamation, false light, and civil harassment. Defamation is a false factual statement that is not privileged and tends to harm someone’s reputation. Defamation can occur against individuals and corporations and can have a lasting negative effect. False light is similar to defamation but it usually concerns invasion of privacy. So, for example, it can happen when a person is falsely portrayed as something he or she is not due to inaccurate impressions. The Restatement Second of Torts, Section 652, defines it as follows: