evolving threats: fighting online fraudulent activity lsi conference, s.f. william j. cook

Download Evolving Threats: Fighting Online Fraudulent Activity LSI Conference, S.F. William J. Cook

Post on 22-Feb-2016

35 views

Category:

Documents

0 download

Embed Size (px)

DESCRIPTION

Evolving Threats: Fighting Online Fraudulent Activity LSI Conference, S.F. William J. Cook. Bill Cook. Partner, Wildman Harrold, Chicago Retail response to CPP and PCI failure claims Intellectual Property, Internet and Web law (Business Continuity and Security) 90 trials - PowerPoint PPT Presentation

TRANSCRIPT

  • Evolving Threats: FightingOnline Fraudulent ActivityLSI Conference, S.F.

    William J. Cook

    confidential

    W I L D M A N H A R R O L D | A T T O R N E Y S A N D C O U N S E L O R SEvolving Online Threats September 26, 2006*

    Bill CookChicago IMNA Board Member, Immediate Past PresidentFormer Head of US DOJ Computer Crime Task Force; Counter-Espionage Coordinator and Counter-Terrorist Coordinator; DOJ FEMA Coordinator (Chicago)NRC Committee on Critical Infrastructure Protection and the LawPartner, Wildman Harrold, ChicagoRetail response to CPP and PCI failure claimsIntellectual Property, Internet and Web law (Business Continuity and Security)90 trialsExpert presentations on Internet liability before U.S. House Judiciary Comm., GAO, FCC

    confidential

    W I L D M A N H A R R O L D | A T T O R N E Y S A N D C O U N S E L O R SEvolving Online Threats September 26, 2006*

    Spam9 of 10 Internet emails are spam6 of the 9 carry a payloadVirusBots Denial of service attacksVOIP attacksVirginia AG v. California

    confidential

    W I L D M A N H A R R O L D | A T T O R N E Y S A N D C O U N S E L O R SEvolving Online Threats September 26, 2006*

    Webpage BIA Security Crisis May 17, 2005 court continues security requirements and applied to wirelessCobell v. Norton, Fed. 12/05/01

    confidential

    W I L D M A N H A R R O L D | A T T O R N E Y S A N D C O U N S E L O R SEvolving Online Threats September 26, 2006*

    Other Vendor IssuesNY AG v. ACLUSecret contributor listWebpage representationsThe vendor did it

    confidential

    W I L D M A N H A R R O L D | A T T O R N E Y S A N D C O U N S E L O R SEvolving Online Threats September 26, 2006*

    FTC v. Yesmail Inc. d/b/a Once CorporationSoftware ate my homeworkYesmail sent unsolicited commercial e-mail after consumers asked it to stop FTC fine $50,717Yesmail sent e-mail on behalf of its clients more than 10 business days after recipients had asked it to stop.Yesmail offers e-mail marketing services, including sending commercial e-mail and processing unsubscribe requests from recipients. Yesmail said its spam filtering software filtered out certain unsubscribe requests from recipients which resulted in Yesmail failing to honor unsubscribe requests by sending thousands of commercial e-mail messages to recipients more than 10 business days after their requests.

    http://www.ftc.gov/opa/2006/11/yesmail.htm

    confidential

    W I L D M A N H A R R O L D | A T T O R N E Y S A N D C O U N S E L O R SEvolving Online Threats September 26, 2006*

    SpoofingThe unauthorized use of a third-party domain name as the sender's name in an e-mail message. Most often used by spammers, spoofing the name of a popular retailer or organization entices the recipient to read the full messageHandled as ID theftNo federal prosecutions

    confidential

    W I L D M A N H A R R O L D | A T T O R N E Y S A N D C O U N S E L O R SEvolving Online Threats September 26, 2006*

    FTP Site CompromiseClients President accessed competitors FTP site and obtained customer lists, vendor price lists, source codeCriminal and civil actions filed against Client at the same time as FBI search of corporate officesIssues regarding security, expectation of privacy

    confidential

    W I L D M A N H A R R O L D | A T T O R N E Y S A N D C O U N S E L O R SEvolving Online Threats September 26, 2006*

    SpywareSoftware that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes. Typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internetspyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers. Spyware steals from the user by using the computer's memory resources and also by eating bandwidthBecause spyware exists as independent executable program, its has the ability to monitor keystrokes, scan files on the hard drive, snoop other applications, such as chat programs or word processors, install other spyware programs, read cookies, change the default home page on the Web browser, consistently relaying this information back to the spyware author who will either use it for advertising/marketing purposes or sell the information to another party.Violation of ECPA? Computer Fraud & Abuse Act?

    confidential

    W I L D M A N H A R R O L D | A T T O R N E Y S A N D C O U N S E L O R SEvolving Online Threats September 26, 2006*

    Michigan Becomes First State to Employer Liability for Workplace Identity TheftJune 2005 announced that Michigan will allow employee lawsuits against employersMichigan Ct. of Appeals allows employee victim to recover $275,000

    confidential

    W I L D M A N H A R R O L D | A T T O R N E Y S A N D C O U N S E L O R SEvolving Online Threats September 26, 2006*

    Ramifications of Stolen ComputersCompanys outsource healthcare information to vendorsClients employee database of health information, personal credit cards and other personal information missingBusiness Associate rule Vendor suffers intrusion and laptops stolenInternal investigationHIPAA exposure identifiedPotential employee legal action(s) identifiedVendor forced to meet ISO 17799 and corporate standardsPrepared and oversaw E&Y ISO 17799 security audit and evaluated compensating controlsNegotiated vendor contract changes and remediationRewrote security provisions for vendor contracts

    confidential

    W I L D M A N H A R R O L D | A T T O R N E Y S A N D C O U N S E L O R SEvolving Online Threats September 26, 2006*

    Defecting CEOCEO and 5 key employees left ecommerce client with trade secret information to start up competing companyForced forensic analysis of departed hard drives to locate stolen informationEvaluated Economic Espionage Act referral/not applicableOpponents clearly understood liability and embarrassment if they did not cooperateUsed threat of litigation to achieve clients business strategy without actually having to go to courtNegotiated return of all data and essentially shut down potential competitor

    confidential

    W I L D M A N H A R R O L D | A T T O R N E Y S A N D C O U N S E L O R SEvolving Online Threats September 26, 2006*

    I.D. Theft: Russian CardingSome estimates: 20% of credit card transactions are fraudulentSince Feb. 2005, sensitive personal records exposed in security breaches: 93,771,829Russian carding contributes $1 Billion annually to Russian economyRussian cards sponsor events at the KremlinUnderground pages bragging about:Infiltrating bank processorsAttacks on specific financial targetsBreaching 3DES Posting databases

    confidential

    W I L D M A N H A R R O L D | A T T O R N E Y S A N D C O U N S E L O R SEvolving Online Threats September 26, 2006*

    CPP (CPC) DesignationCase against merchant begins with designation as a common point of purchase (CPP) or a common point of compromise (CPC)CPP is determined by reverse analysis of credit card or debit card activityCredit card association or agent makes contactDate of alleged fraud may be remoteForensic Audit triggered

    confidential

    W I L D M A N H A R R O L D | A T T O R N E Y S A N D C O U N S E L O R SEvolving Online Threats September 26, 2006*

    Moving PartsVisa, MC, AmEx, DiscoveryIssuing banksAcquiring banksMerchants that accept fraudulent credit cards, increasingly located in EuropePOS software vendorsInsurance companies and brokersPublic relationsStockholder issuesBoard of Director issuesConsumer disclosure issues and Secret Service non-disclosure requestDisclosure / cooperation with federal agencies

    confidential

    W I L D M A N H A R R O L D | A T T O R N E Y S A N D C O U N S E L O R SEvolving Online Threats September 26, 2006*

    Downstream Liability IssuesStandard of care before intrusionHow much due diligence can be provenCorporate policiesPublic relationsSEC and Stockholder issuesBoard of Director issues

    confidential

    W I L D M A N H A R R O L D | A T T O R N E Y S A N D C O U N S E L O R SEvolving Online Threats September 26, 2006*

    Questions?William J. Cook, Esq.Wildman Harrold Allen & Dixon LLP225 West Wacker DriveChicago, IL 60606-1229312.201.2000 (General Number)312.201.2555 (Fax)cook@wildmanharrold.com

    confidential

Recommended

View more >