On June 13, 2017, the Department of Homeland Security published an alert regarding malicious cyber activity by the North Korean government, known as Hidden Cobra. Per the DHS and FBI, Hidden Cobra uses cyber operations to the government and military’s advantage by exfiltrating data and causing disruptive cyber intrusions. Potential impacts of a Hidden Cobra attack can include “temporary or permanent loss of sensitive or proprietary information, disruption to regular operations, financial losses incurred to restore systems and files, and potential harm to an organization’s reputation.” The DHS publication outlines ways to detect and protect against the malicious activity and suggests that organizations work to upgrade and/or remove older Microsoft operating systems and older versions of Adobe Flash Player, Microsoft Silverlight, and Hangul Word Processor. Further, organizations should review and block all IP addresses listed in the “indicators of compromise” list provided, review and enforce incident response plans, and contact the DHS and FBI to report any potential Hidden Cobra intrusions. The full DHS publication can be found here. We suggest that IT departments carefully review the full alert and take any steps possible to mitigate risk to the organization.
The 2017 edition of The Legal 500 United States recommends Seyfarth Shaw’s Global Privacy & Security Team as one of the best in the country for Cyber Law (including data protection and privacy). In addition, based on feedback from corporate counsel, the co-chairs of Seyfarth’s group, Scott A. Carlson and John P. Tomaszewski, and Seyfarth partners Karla Grossenbacher (head of Seyfarth’s National Workplace Privacy Team) and Richard D. Lutkus were recommended in the editorial. Richard Lutkus is also listed as one of 14 “Next Generation Lawyers.”
The Legal 500 United States is an independent guide providing comprehensive coverage on legal services and is widely referenced for its definitive judgment of law firm capabilities.
Tuesday June 20, 2017
1:00 p.m. to 2:30 p.m. Eastern
12:00 p.m. to 1:30 p.m. Central
11:00 a.m. to 12:30 p.m. Mountain
10:00 a.m. to 11:30 a.m. Pacific
There is no cost to attend this program; however, registration is required.
Discovery is often the most expensive, frustrating and burdensome aspect of litigation, and many cases settle before discovery is complete in order to avoid these costs. A new mandatory pilot program in the US District Court for the Northern District of Illinois will change all that by requiring extensive discovery early on in litigation. Effective June 1, 2017, the Federal Court in the Northern District of Illinois will embark upon a three-year mandatory pilot program, known as the Mandatory Initial Discovery Pilot Project (MIDPP), which imposes court-ordered discovery and early production of electronically stored information (ESI) in almost all civil cases. Please join Seyfarth attorneys to learn about the new pilot program and how it will affect litigation involving your company. In this webinar, the panel will review the MIDPP and answer the following questions:
- Who does the MIDPP affect?
- What does the MIDPP require?
- When does the MIDPP take effect?
- Where is the MIDPP taking place?
- Why was the MIDPP implemented?
- How do companies comply with the MIDPP?
Jordan Vick – Seyfarth Shaw
Lou Chronowski – Seyfarth Shaw
Jay Carle – Seyfarth Shaw
If you have any questions, please contact firstname.lastname@example.org.
*CLE Credit for this webinar has been awarded in the following states: CA, IL, NJ and NY. CLE Credit is pending for GA, TX and VA. Please note that in order to receive full credit for attending this webinar, the registrant must be present for the entire session.
On May 11, President Trump signed the Executive Order (EO) on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. This is a significant development for U.S. cybersecurity as it represents a concrete call to action for the government to modernize its information technology, beef up its cybersecurity capabilities, protect our country’s critical infrastructure from cyberattacks, and ensure the overall cybersecurity and privacy of the internet for generations to come. The EO also stresses the importance of the growth and sustainment of a workforce that is skilled in cybersecurity as the foundation for achieving U.S. objectives in cyberspace.
This EO was much anticipated. In fact, earlier this year, we, along with many other internet sources, reported that President Trump was expected to soon sign an EO on Strengthening U.S. Cyber Security and Capabilities. The “leaked” draft of the expected EO we examined at that time was never signed, and the actual, signed EO on cybersecurity bears little resemblance to the version that circulated on the internet in February.
The signed EO requires various agencies to prepare a number of reports on the current status of cybersecurity and risk management and to present plans for improvement and further development. Because there are tight deadlines associated with these reports, the agencies are already at work on conducting the necessary analysis and developing a path forward. With all its robustness, the EO, however, represents a natural progression in strengthening our national cybersecurity and builds upon previous federal efforts. Indeed, the EO expressly ties several of its mandates to the various cybersecurity orders signed by President Obama.
Scott Carlson, the founder and Chair of Seyfarth Shaw’s eDiscovery and Information Governance practice, will examine this EO along with other current cybersecurity issues facing U.S. organizations in further detail during the First 100 & Beyond: Seyfarth’s Strategy & Planning Summit For Businesses, an event that will be held at Seyfarth Shaw’s Chicago office on May 25, 2017. There is no cost to attend this event, but registration is required. Please consider joining us for this important discussion.
Recently, a widespread global ransomware attack has struck hospitals, communication, and other types of companies and government offices around the world, seizing control of affected computers until the victims pay a ransom. This widespread ransomware campaign has affected various organizations with reports of tens of thousands of infections in as many as 99 countries, including the United States, United Kingdom, Spain, Russia, Taiwan, France, and Japan. The software can run in as many as 27 different languages. The latest version of this ransomware variant, known as WannaCry, WCry, or Wanna Decryptor, was discovered the morning of May 12, 2017, by an independent security researcher and has spread rapidly.
In Realpage Inc. v. Enter. Risk Control, LLC, 2017 BL 102339 (E.D. Tex. 2017), the court ordered Enterprise Risk Control, LLC (“Enterprise”) to produce forensic images of devices used by a former Realpage employee to a forensic neutral in order to determine whether any source code was recoverable pertaining to Realpage’s allegations of misappropriation.
After leaving employment with Realpage in 2012, Tom Bean (“Bean”) started his own software development company named IDC. Bean and IDC were hired by former Realpage employee, and active Enterprise employee, Lonnie Derden (“Derden”) to design a vendor compliance application that was “completely different” than the one in place at Realpage. In July 2013, Enterprise hired Bean as a full-time employee and it was at that time that Bean transferred all of his source code for the vendor compliance application from IDC’s computers to Enterprise’s computers. According to Bean’s affidavit, he deleted all versions of his source code from IDC’s computers after the transfer.
Pursuant to this lawsuit, Enterprise made the vendor compliance application source code from July 2013 to the present available to Realpage for their analysis. During their review, Realpage found comments in the source code referencing dates from 2012 and early 2013, which Realpage argued indicated that versions of the source code from that point in time must exist. While the court rejected this argument, they recognized that Realpage’s complaints surround code that existed on or before the date that Bean transferred the source code to Enterprise. The court concluded that “a tailored [forensic] examination is appropriate at this time to determine whether the missing code is recoverable or to enable effective cross-examination as to its destruction.” Id. at *2.
Another week, another well-concocted phishing scam. The most recent fraudulent activity targeted businesses that use Workday, though this is not a breach or vulnerability in Workday itself. Specifically, the attack involves a well-crafted spam email that is sent to employees purporting to be from the CFO, CEO, Head of HR, or similar. Sometimes the emails include the name, title, and other personal information of the “sender” that we believe might be harvested from LinkedIn or other business databases. The email asks employees to use a link in the phishing email or attached PDF to log into a fake Workday website that looks legitimate. The threat actors who run the fake Workday website then use the user name and password to log into the Workday account as the employee and change their direct deposit bank/ACH information to another bank, reloadable Green Dot, or similar credit card.
The fraud is typically only discovered when the employees contact HR inquiring as to why they did not receive their direct deposit funds. Unfortunately it appears that spam filters and other controls are failing to prevent this email from infiltrating the organization’s network.
In order to prevent this from happening to your organization, Workday has posted several “best practice” tips on their customer portal. The most impactful mitigation techniques include enabling and enforcing two-factor authentication on your organization’s Workday instance, and changing your Workday settings to force administrative approval of employee requests for direct deposit account changes. Both of these will help secure your Workday environment and avoid employee loss of paychecks. Finally, always remember to teach employees to identify fraudulent email through training and security drills/tests.
On January 5, 2017, the Federal Trade Commission (FTC) sued Taiwan-based computer networking equipment manufacturer D-Link Corporation and its U.S. subsidiary for a permanent injunction, alleging that D-Link’s inadequate security measures left its wireless routers and IP cameras used to monitor private areas of homes and businesses vulnerable to hackers, thereby compromising U.S. consumers’ privacy.
In the complaint filed in the Northern District of California, Federal Trade Commission v. D-Link Systems Corp. et al., Case Number 3:17cv39, the FTC alleged that D-Link failed to take reasonable steps to secure its routers and Internet Protocol (IP) cameras, potentially compromising sensitive consumer information, including live video and audio feeds from D-Link IP cameras. The FTC’s allegation of consumer injury is limited to the statement that due to the lack of security, consumers “are likely to suffer substantial injury” and that, unless stopped by an injunction, D-Link is “likely to injure consumers and harm the public interest.”
In seeking the requested relief, the FTC is relying on its powers under Section 5(a) of the FTC Act, 15 U.S.C. § 45(a). The FTC’s Section 5 powers have largely gone unchallenged by companies subject to enforcement action until Wyndham hotels, which came under investigation after it suffered a series of data breaches, tried to curtail the FTC’s jurisdiction in 2015. That challenge failed when the Third Circuit held that the FTC did, in fact, have the authority to regulate cybersecurity practices under the unfairness prong of Section 5 of the FTC Act.
When: Monday, April 24, 2017
Where: Offices of Seyfarth Shaw LLP, Chicago, IL
Sign in: 5:00 – 5:30 pm
Event: 5:30 – 6:30 pm
Reception: 6:30 – 7:30 pm
Topic: Interactive Dialogue concerning The Sedona Conference® International Litigation Principles (Transitional Edition): Practical Help for Companies with the EU General Data Protection Regulation and Privacy Shield
Please join us for a Working Group 6 (WG6) Membership-Building event at Seyfarth Shaw on Monday, April 24, 2017, [Sign in: 5:00 pm; Event: 5:30 pm; Reception: 6:30 pm]. A distinguished panel, including panel moderator Jim Daley of Seyfarth Shaw, Jennifer Hamilton of Deere & Company, Cameron Krieger of Latham & Watkins, and Laura Kibbe will lead a dialogue on The Sedona Conference® International Litigation Principles (Transitional Edition).
The International Litigation Principles was first published in 2011. In the intervening years, there have been important developments in data protection law world-wide, including the passage of the EU General Data Protection Regulation (GDPR), the replacement of the Safe Harbor Data Transfer Framework with the new “Privacy Shield” framework, and the emergence of the APEC data privacy framework in the Asia-Pacific region. The situation is still fluid, particularly the implementation of the EU GDPR between now and its effective date of May 2018. Despite this, the six Sedona International Principles have remained relevant and useful. The Transitional Edition updates the commentary and analysis of the original Principles document, and includes two new model court orders to facilitate cross-border transfer of personal data for discovery in U.S. litigation.
The event is open to the entire legal community, and there is no cost to attend.
Non-members in attendance who are interested in becoming WG6 members will receive a $100 discount for a Working Group Series (WGS) membership. Please be sure to remind any friends, colleagues or clients who are interested in joining. WGS membership is in-for-one, in-for-all. Once a WGS member, one is eligible to become a member and take part in the activities of all Working Groups, including WG6.
Panelists: James Daley, Jennifer Hamilton, Laura Kibbe, Cameron Krieger
Seyfarth Host: Scott Carlson
AGENDA — APRIL 24, 2017
| Time | Session | Panelists |
|---|---|---|
| 5:00 – 5:30 pm | Sign In | |
| 5:30 – 6:30 pm | Interactive Dialogue | Daley, Hamilton, Kibbe, Krieger |
| 6:30 – 7:30 pm | Reception | |
Seyfarth Shaw LLP is an approved provider of Illinois Continuing Legal Education (CLE) Credit. This event is approved for 1.0 hours of CLE credit in CA, IL, NJ and NY. CLE credit is pending for GA, TX and VA.
In January 2017, The Sedona Conference Working Group on International Electronic Information Management, Discovery, and Disclosure (WG6) issued the much-anticipated International Litigation Principles on Discovery, Disclosure & Data Protection in Civil Litigation (Transitional Edition). This publication updates the 2011 International Litigation Principles, which preceded the 2013 Snowden revelations and the Schrems decision invalidating the U.S.-EU Safe Harbor. It also incorporates adoption and implementation of the EU-U.S. Privacy Shield, and the approval of the EU General Data Protection Regulation (GDPR), which is set to replace the 1995 EU Data Privacy Directive in May 2018. Many of these developments are consistent with the focus on “proportionality” of discovery in the 2015 amendments of the U.S. Federal Rules of Civil Procedure.
Given the complex and dynamic EU data protection landscape – where the new Privacy Shield has not been tested, and before the GDPR has even taken effect – WG6 has aptly designated this as a “Transitional” edition. This edition provides interim best practices and practical guidance for courts, counsel and corporate clients on safely navigating the competing and conflicting issues involved in cross-border transfers of EU personal data in the context of transnational litigation and regulatory proceedings. Following are the publication’s Six Transitional International Litigation Principles: