Tag Archives: FBI

Russian Hackers: Desperate for U.S. Information

The latest report regarding Russia stealing U.S. cyber secrets is yet again centered around the National Security Agency (NSA), using Contractors to gain access, in some cases, to classified data. It has been reported that a NSA Contractor (fired back in 2015) put highly classified U.S. cyber secrets on his home computer, which included information … Continue Reading

US Supreme Court Evaluates Privacy of Cell Phone Data

Last Thursday, the United States Supreme Court heard arguments in Carpenter v. United States.  At issue was whether the FBI violated the Fourth Amendment when it obtained the cellphone location records of Timothy Carpenter.  The FBI used these records to establish Mr. Carpenter’s whereabouts during time periods in which certain armed robberies occurred.  The government … Continue Reading

Connecticut Cyber Task Force Announced

The U.S. Attorney’s Office of the District of Connecticut has announced the creation of a Connecticut Cyber Task Force (“CCTF”) in partnership with the FBI, DEA, Secret Service, Homeland Security, IRS, Connecticut State Police, and 11 local police departments from throughout Connecticut as well as other federal authorities. The CCTF’s initial focus will be twofold: … Continue Reading

Energy and Critical Infrastructure Industries Warned of Increased Attacks by FBI and DHS

The FBI and Department of Homeland Security issued a joint statement on October 20 warning of an increased danger of a malicious “multi-stage intrusion campaign” to critical infrastructure industries, including the energy sector. According to the warning, hackers are targeting company-controlled sites of different agencies to access information on equipment and designs, including “control-system capabilities” that … Continue Reading

FERC Proposes New Cybersecurity Rules for Electric Grid

The Federal Energy Regulatory Commission (FERC) has proposed new rules to enhance cybersecurity for the electric grid in the U.S., which includes security management controls to specifically respond to risks associated with malware. FERC suggested that the North American Electric Reliability Corporation, the nonprofit that helps regulate the U.S. electric utility industry, implement “mandatory controls … Continue Reading

FBI Issues Warning about Internet-Connected Toys

We previously reported about the microphone and video capabilities of Echo technology [view related post]. The FBI is also concerned about this technology being used in toys that are connected to the Internet. The FBI is so concerned that yesterday, it issued a Public Service Announcement that warns consumers that Internet-connected toys “could present privacy … Continue Reading

Take-Aways from WannaCry

We have read multiple reports on WannaCry and if you are reading this and don’t know what WannaCry is, Google it for the background story. The clear message is this is not the last major attack we will see, and future attacks will only get more sophisticated. It is being estimated that the cost associated … Continue Reading

West Virginia University Medicine University Healthcare Patients Victims of Identity Theft

West Virginia University Medicine University Healthcare (WVUM) has confirmed that it is sending notification letters to over 7,400 of its patients seen at Berkeley Medical Center as a result of an unauthorized access to their information. It further confirmed that 113 of its patients have become the victims of identity theft as a result of … Continue Reading

Studies Show Ransomware up 6,000% and Reaps Billions and Phishing Emails are Used in 91% of all Cyber-Attacks

A recent IBM study shows that ransomware increased 6,000 percent in 2016 over 2015. According to the report, ransomware was present in almost 40 percent of all spam email messages. Ransomware is big business, since according to IBM Research, over 70 percent of business victims of ransomware pay the ransom for the key to get … Continue Reading

2016 Was the Year of the Data Breach

Although every year we lament about the significance of data breaches in the past year, 2016 was by far the worst. Data breaches were rampant, victimizing every industry and numbing consumers in the process. It was so bad that consumers began to throw up their hands and say “My personal information is out there anyway. … Continue Reading

Large Majority of Businesses Pay to Unlock Ransomware

2016 has been a banner year for ransomware cybercriminals. We have seen a dramatic rise in the use of ransomware, and businesses continue to become victims to ransomware, primarily through phishing and spear phishing schemes. The cybercriminals are getting so brazen, that when they attack a business with ransomware, they actually provide instructions on how … Continue Reading

16 Data Breach Class Action Lawsuits Filed Against 21st Century Oncology Consolidated

We previously reported that 21st Century Oncology suffered a data breach in October 2015 involving an intrusion into its systems which compromised around 2 million patients’ records, including their names, Social Security numbers, physicians’ names, insurance information, treatment information and diagnoses [view related posts here and here]. As a result of the data breach, sixteen … Continue Reading

FBI Issues a Private Industry Alert for State Election Systems

The Federal Bureau of Investigation (FBI) issued a private industry alert on August 18, 2016, to State Boards of Election to alert them of hackings into Board of Election websites.  According to the FBI, it “received information of an additional IP address, 5.149.249.172, which was detected in the July 2016, compromise of a state’s Board of … Continue Reading

White House Directive Outlines Who to Call for Help with a Cyber Incident

Last week, the White House issued a new directive that outlines how the government handles significant cyber incidents, which gives the public information on which agency to call in the event of a cyber incident. We often get asked, “Who do we call—the FBI, Secret Service, DOJ, etc.?” The directive outlines what incidents are considered … Continue Reading

Controversy looms over ECPA amendment in wake of Orlando terrorist attack

After the terrorist attack in Orlando, Florida, early this month, the Electronic Communications Privacy Act (ECPA) has been discussed quite a bit. The ECPA, a law which took effect in 1986, limits the government’s access to electronic communications and other information. Due to the advancement in technology over the past 30 years, Congress finds itself … Continue Reading

Privacy Tip #36 – Connected car security

A recent Government Accountability Office report outlined vehicle cybersecurity concerns, outlining that hackers can penetrate the technology of vehicles in both long range and short range attacks, including targeting Bluetooth controls. These car hackings allow the hackers to access steering, brakes, telematics and critical controls of cars. Just to put the threat in context, it … Continue Reading

FAA announces more drone detection testing at JFK Airport

The Federal Aviation Administration (FAA) announced this week that it will be expanding its research on how to detect ‘rogue’ drones near airports. The FAA will join forces with other government agencies and academic partners to experiment with new drone detection technology at JFK Airport in New York. FAA Senior Advisor on drone integration, Mark Gibson, … Continue Reading

Notice of proposed rulemaking, exemption for biometrics database from the grasp of the Privacy Act

Last week, the U.S. Department of Justice (DOJ) issued a notice of proposed rulemaking in the Federal Register moving to exempt the FBI’s biometrics database from the notice and consent provisions of the Privacy Act of 1974 (Privacy Act). The Privacy Act governs the collection, maintenance, use and dissemination of personally identifiable information (PII) that … Continue Reading

FBI issues another warning of a “dramatic increase” in phishing spoofs of CEOs

We have consistently reported about increased phishing attacks through emails that purport to come from high level executives, including CEOs. According to the FBI, the hackers use sophisticated social engineering to spoof company emails to “assume the identity of the CEO, a company attorney, or trusted vendor. They research employees who manage money and use … Continue Reading

Privacy Tip #29 – U.S. + Canada issue joint ransomware special alert—read and follow recommendations

We have frequently alerted individuals and companies about the increasing risk and success posed by sophisticated phishing schemes. It has become such a real and grave problem that the U.S. Computer Emergency Readiness Team of the Department of Homeland Security (US-CERT) has teamed up with the Canadian Cyber Incident Response Centre to issue a joint … Continue Reading
LexBlog