
Evolving Threats: Fighting Online Fraudulent Activity LSI Conference, S.F. William J. Cook


Presentation Transcript


  1. Evolving Threats: Fighting Online Fraudulent Activity
     LSI Conference, S.F.
     William J. Cook

  2. Bill Cook
     • Partner, Wildman Harrold, Chicago
     • Retail response to CPP and PCI failure claims
     • Intellectual Property, Internet and Web law (Business Continuity and Security)
     • 90 trials
     • Expert presentations on Internet liability before U.S. House Judiciary Comm., GAO, FCC
     • Chicago IMNA Board Member, Immediate Past President
     • Former Head of US DOJ Computer Crime Task Force; Counter-Espionage Coordinator and Counter-Terrorist Coordinator; DOJ FEMA Coordinator (Chicago)
     • NRC Committee on Critical Infrastructure Protection and the Law

  3. Spam
     • 9 of 10 Internet emails are spam
     • 6 of the 9 carry a payload:
       • Virus
       • Bots
       • Denial of service attacks
       • VOIP attacks
     • Virginia AG v. California

  4. Webpage BIA Security Crisis
     • May 17, 2005: court continues security requirements and applies them to wireless
     • Cobell v. Norton, Fed. 12/05/01

  5. Other Vendor Issues: NY AG v. ACLU
     • Secret contributor list
     • Webpage representations
     • The vendor did it

  6. FTC v. Yesmail Inc. d/b/a Once Corporation: Software ate my homework
     • Yesmail sent unsolicited commercial e-mail after consumers asked it to stop
     • FTC fine $50,717
     • Yesmail sent e-mail on behalf of its clients more than 10 business days after recipients had asked it to stop.
     • Yesmail offers e-mail marketing services, including sending commercial e-mail and processing unsubscribe requests from recipients.
     • Yesmail said its spam filtering software filtered out certain unsubscribe requests from recipients, which resulted in Yesmail failing to honor unsubscribe requests by sending thousands of commercial e-mail messages to recipients more than 10 business days after their requests.
     • http://www.ftc.gov/opa/2006/11/yesmail.htm

  7. Spoofing
     • The unauthorized use of a third-party domain name as the sender's name in an e-mail message. Most often used by spammers; spoofing the name of a popular retailer or organization entices the recipient to read the full message
     • Handled as ID theft
     • No federal prosecutions
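The spoofing pattern the slide describes (a trusted retailer's domain in the visible From: line, a different sender underneath) leaves a trace a mail gateway can check. The script below is an added example, not material from the presentation: it parses two constructed messages and flags the one whose From: domain disagrees with its Return-Path and whose Authentication-Results header records an SPF failure. The header names are standard; the domains, addresses and gateway name are made up.

```python
"""Flag e-mail whose visible From: domain does not match its envelope sender.

Added example (not from the presentation). Assumes the receiving gateway
already stamps an Authentication-Results header; the sample messages below
are constructed for illustration.
"""
from email import policy
from email.parser import BytesParser
from email.utils import parseaddr

# Constructed sample: the display name and From: claim a retailer, but the
# bounce address and the SPF result point somewhere else.
SPOOFED = b"""\
Return-Path: <bounce@mailer-farm.example>
Authentication-Results: mx.example.net; spf=fail smtp.mailfrom=mailer-farm.example
From: "Retailer Support" <support@retailer.example>
To: victim@example.net
Subject: Your account has been suspended

Please verify your account.
"""

# Constructed sample: a legitimate message where everything lines up.
LEGIT = b"""\
Return-Path: <newsletter@retailer.example>
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=retailer.example
From: "Retailer News" <newsletter@retailer.example>
To: customer@example.net
Subject: Weekly deals

This week's offers.
"""


def _domain(address: str) -> str:
    """Lower-cased domain part of an address, or '' if it has none."""
    _, addr = parseaddr(str(address))
    return addr.rpartition("@")[2].lower()


def _spf_result(auth_results: str) -> str:
    """Pull the 'spf=' token out of an Authentication-Results header."""
    for token in str(auth_results).replace(";", " ").split():
        if token.lower().startswith("spf="):
            return token[4:].lower()
    return "none"


def analyze(raw: bytes) -> dict:
    """Return the header facts a reviewer needs, plus a verdict."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    from_domain = _domain(msg.get("From", ""))
    return_path_domain = _domain(msg.get("Return-Path", ""))
    spf = _spf_result(msg.get("Authentication-Results", ""))
    reasons = []
    if return_path_domain and return_path_domain != from_domain:
        reasons.append(f"From: domain {from_domain} != Return-Path domain {return_path_domain}")
    if spf in ("fail", "softfail"):
        reasons.append(f"SPF result is {spf}")
    return {
        "from_domain": from_domain,
        "return_path_domain": return_path_domain,
        "spf": spf,
        "suspected_spoof": bool(reasons),
        "reasons": reasons,
    }


if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED), ("legit", LEGIT)):
        verdict = analyze(raw)
        print(label, "->", "SPOOF" if verdict["suspected_spoof"] else "ok", verdict["reasons"])
```

A mismatch between From: and Return-Path is common for legitimate bulk mailers, so on its own it is a weak signal; combined with an SPF failure for the envelope domain it is the kind of evidence a retailer keeps when it later needs to show that the message was not its own.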

  8. FTP Site Compromise
     • Client’s President accessed competitor’s FTP site and obtained customer lists, vendor price lists, source code
     • Criminal and civil actions filed against Client at the same time as FBI search of corporate offices
     • Issues regarding security, expectation of privacy

  9. Spyware
     • Software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes.
     • Typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet
     • Spyware monitors user activity on the Internet and transmits that information in the background to someone else.
     • Spyware can also gather information about e-mail addresses and even passwords and credit card numbers.
     • Spyware steals from the user by using the computer's memory resources and also by eating bandwidth
     • Because spyware exists as an independent executable program, it has the ability to monitor keystrokes, scan files on the hard drive, snoop other applications such as chat programs or word processors, install other spyware programs, read cookies, and change the default home page on the Web browser, consistently relaying this information back to the spyware author, who will either use it for advertising/marketing purposes or sell the information to another party.
     • Violation of ECPA? Computer Fraud & Abuse Act?

  10. Michigan Becomes First State to Allow Employer Liability for Workplace Identity Theft
     • June 2005: announced that Michigan will allow employee lawsuits against employers
     • Michigan Ct. of Appeals allows employee victim to recover $275,000

  11. Ramifications of Stolen Computers
     • Company outsources healthcare information to vendors
     • Client’s employee database of health information, personal credit cards and other personal information missing
     • Business Associate rule
     • Vendor suffers intrusion and laptops stolen
     • Internal investigation
     • HIPAA exposure identified
     • Potential employee legal action(s) identified
     • Vendor forced to meet ISO 17799 and corporate standards
     • Prepared and oversaw E&Y ISO 17799 security audit and evaluated compensating controls
     • Negotiated vendor contract changes and remediation
     • Rewrote security provisions for vendor contracts

  12. Defecting CEO
     • CEO and 5 key employees left ecommerce client with trade secret information to start up competing company
     • Forced forensic analysis of departed hard drives to locate stolen information
     • Evaluated Economic Espionage Act referral/not applicable
     • Opponents clearly understood liability and embarrassment if they did not cooperate
     • Used threat of litigation to achieve client’s business strategy without actually having to go to court
     • Negotiated return of all data and essentially shut down potential competitor

  13. I.D. Theft: Russian Carding
     • Some estimates: 20% of credit card transactions are fraudulent
     • Since Feb. 2005, sensitive personal records exposed in security breaches: 93,771,829
     • Russian carding contributes $1 Billion annually to Russian economy
     • Russian carders sponsor events at the Kremlin
     • Underground pages bragging about:
       • Infiltrating bank processors
       • Attacks on specific financial targets
       • Breaching 3DES
       • Posting databases

  14. CPP (CPC) Designation
     • Case against merchant begins with designation as a common point of purchase (CPP) or a common point of compromise (CPC)
     • CPP is determined by reverse analysis of credit card or debit card activity
     • Credit card association or agent makes contact
     • Date of alleged fraud may be remote
     • Forensic Audit triggered
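The "reverse analysis" behind a CPP designation is simple to state: start from the cards that later reported fraud, look back over their transaction histories, and find the merchant they all share that the unaffected cards do not share to the same degree. The script below is an added example, not part of the presentation or of any card association's procedure. Every card id, merchant name and date in it is constructed; the report date and 30-day lookback are parameters chosen for the illustration, and the last line of the sample shows why the lookback matters when the alleged fraud is remote in time.

```python
"""Common-point-of-purchase (CPP) analysis on a constructed transaction set.

Added example, not from the presentation. Merchant names, card ids and dates
are all constructed; the scoring rule is the author's illustration of the
idea, not a card association's actual method.
"""
from collections import defaultdict
from datetime import date, timedelta

# Constructed transactions: (card id, merchant, transaction date).
TRANSACTIONS = [
    ("card-01", "Grocer A", date(2006, 3, 2)),
    ("card-01", "Gas Station B", date(2006, 3, 4)),
    ("card-01", "Diner C", date(2006, 3, 9)),
    ("card-02", "Diner C", date(2006, 3, 8)),
    ("card-02", "Grocer A", date(2006, 3, 11)),
    ("card-03", "Diner C", date(2006, 3, 10)),
    ("card-03", "Bookstore D", date(2006, 3, 12)),
    ("card-04", "Diner C", date(2006, 3, 7)),
    ("card-04", "Gas Station B", date(2006, 3, 15)),
    ("card-05", "Grocer A", date(2006, 3, 3)),
    ("card-05", "Bookstore D", date(2006, 3, 14)),
    ("card-06", "Grocer A", date(2006, 3, 5)),
    ("card-06", "Gas Station B", date(2006, 3, 6)),
    ("card-07", "Diner C", date(2006, 1, 20)),   # outside a 30-day lookback
    ("card-07", "Grocer A", date(2006, 3, 16)),
]

# Cards the issuers later reported as carrying fraudulent charges (constructed).
FRAUD_CARDS = {"card-01", "card-02", "card-03", "card-04"}


def cpp_candidates(transactions, fraud_cards, report_date, lookback_days=30):
    """Rank merchants as common-point-of-purchase candidates.

    For each merchant seen inside the lookback window, compute the share of
    the fraud-reported cards that transacted there against the share of the
    remaining ('clean') cards that did. A plausible CPP is touched by nearly
    all of the fraud cards and by a much smaller share of the clean cards;
    a merchant that everyone visits scores high on both and drops down.
    """
    window_start = report_date - timedelta(days=lookback_days)
    cards_by_merchant = defaultdict(set)
    all_cards = set()
    for card, merchant, when in transactions:
        all_cards.add(card)
        if window_start <= when <= report_date:
            cards_by_merchant[merchant].add(card)
    fraud_cards = set(fraud_cards)
    clean_cards = all_cards - fraud_cards
    ranked = []
    for merchant, cards in cards_by_merchant.items():
        fraud_hits = len(cards & fraud_cards)
        clean_hits = len(cards & clean_cards)
        ranked.append({
            "merchant": merchant,
            "fraud_cards": fraud_hits,
            "fraud_share": fraud_hits / len(fraud_cards) if fraud_cards else 0.0,
            "clean_share": clean_hits / len(clean_cards) if clean_cards else 0.0,
        })
    # Highest coverage of the fraud cards first; among ties, prefer the
    # merchant fewer clean cards visited (less likely to be a coincidence).
    ranked.sort(key=lambda r: (-r["fraud_share"], r["clean_share"]))
    return ranked


if __name__ == "__main__":
    for row in cpp_candidates(TRANSACTIONS, FRAUD_CARDS, date(2006, 3, 20)):
        print(f"{row['merchant']:14} fraud share {row['fraud_share']:.2f} "
              f"clean share {row['clean_share']:.2f}")
```

With the 30-day window, Diner C is the only merchant visited by all four fraud cards and by none of the clean cards. Widening the lookback to 90 days pulls in card-07's January visit, and Diner C's clean share is no longer zero: the same analysis gives a weaker answer, which is the practical reason a merchant contacted about a remote fraud date should ask what window and which card population were used before accepting the designation.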

  15. Moving Parts
     • Visa, MC, AmEx, Discover
     • Issuing banks
     • Acquiring banks
     • Merchants that accept fraudulent credit cards, increasingly located in Europe
     • POS software vendors
     • Insurance companies and brokers
     • Public relations
     • Stockholder issues
     • Board of Director issues
     • Consumer disclosure issues and Secret Service non-disclosure request
     • Disclosure / cooperation with federal agencies

  16. Downstream Liability Issues
     • Standard of care before intrusion
     • How much due diligence can be proven
     • Corporate policies
     • Public relations
     • SEC and Stockholder issues
     • Board of Director issues

  17. Questions?
     William J. Cook, Esq.
     Wildman Harrold Allen & Dixon LLP
     225 West Wacker Drive
     Chicago, IL 60606-1229
     312.201.2000 (General Number)
     312.201.2555 (Fax)
     cook@wildmanharrold.com