Cybersecurity

Should One IT Person Hold the Keys to the Kingdom? How the “Philippine Love Bug” Case Highlights the Vulnerability of Such a Policy

Background Omega Engineering Corporation, an international company based in New Jersey, was once the employer of Timothy Lloyd. To put Omega’s importance into perspective, the U.S. Navy and NASA were two of their clients for highly specialized and sophisticated industrial process measurement devices. According to testimony during the trial, Lloyd worked at Omega as its sole system administrator from 1985 through 1996. In 1995, Lloyd had undergone Novell network training and installed Novell software on Omega’s computer system. Additionally, Lloyd was the only person who maintained and had top-level access to the Omega network. Between 1994 and 1995, Lloyd became belligerent and increasingly truculent. Due to his poor interpersonal skills, he was demoted in May 1995 from manufacturing to  support engineer. A woman who had once been Lloyd’s subordinate and had engaged in a romantic relationship with Lloyd, was the individual responsible for replacing Lloyd as manufacturing supervisor. In June 1996, Lloyd instituted a policy to “clean up” all of the individual computers in Omega’s manufacturing department. It was unclear as to why Lloyd was implementing company policies after his demotion. Nonetheless, the policy required employees to save their files to the company’s file server and prohibited them from making their own backups. Lloyd’s manager became suspicious of this policy and requested from Lloyd access to the file server. Lloyd never complied. By the end of June, upper management had enough of Lloyd’s behavior and terminated him in early July 1996. On July 31, Omega’s file server would not boot up. All of Omega’s manufacturing programs on the server, which contained instructions for operating the machines, were gone. Multiple computer experts were brought in to recover the files, but to no avail. The files had not only been deleted, but also had been “purged,” meaning that they were rendered unrecoverable.  A leading expert on Novell networking testified at trial that this could only have been done intentionally and by someone with supervisory-level access. The government’s theory included that on July 30, anyone who would log on to the server at any time after that date would “detonate” a program installed by Lloyd that would destroy the information on the Omega file server. The government’s theory was bolstered by the fact that the Secret Service recovered missing Omega backup tapes that had been reformatted as well as a master hard drive from the file server. This had the same string of commands that had functioned as the time bomb program found on the Omega file server. The Decision Ultimately, Lloyd was found guilty of computer sabotage. The jury had deliberated for over twelve hours over the span of three days and had requested testimony in the jury room before they reached their verdict. However, three days after the verdict, one juror said that she had seen on the news, during the trial, about a computer virus called the Philippine “love bug” which allowed the perpetrator to cause great harm by flooding the victim computers and causing them to crash. Whether this affected her decision is unclear; however, the defendant claimed that his 6th Amendment rights had been violated. The district court agreed, granting a new trial. On review, the Court of Appeals reversed the district court’s holding. After a lengthy discussion, the court said that there were significant dissimilarities between the “love bug” and the “time bomb” and most jurors would not confuse the two. Therefore, the appellate court found, the defendant was not prejudiced. Lloyd’s managers should never have allowed a single employee hold as much power as they did. This case highlights the vulnerabilities the company subjects itself to if that is allowed to happen. For example, Omega lost over 1,200 programs and many current and potential clients as well. Akiva Shepard received his J.D. from Seton Hall University School of Law in 2014. Akiva has worked for a New York State Supreme Court Judge in Kings County, and for a NJ real estate firm. 

The Stored Communications Act Protects Public Posts to Social Media Sites

The case arose from an oral licensing agreement between artist Buckley Crispin, Plaintiff, and Christian Audigier and companies (famously associated with the clothing line Ed Hardy), Defendants. Plaintiff alleged that Defendant violated the terms of an oral license by failing to put Plaintiff’s logo on his artwork and by using his artwork on items that were outside the scope of the license. Defendants served subpoenas duces tecum on four third-party websites including Facebook, Myspace, Black Market Art Company, and Media Temple seeking Plaintiff’s communications, sales information and basic subscriber information. The magistrate judge, below, denied Plaintiff’s motion to quash the subpoenas.

Continue Reading

A Litigation Lesson Learned From The Recent Scandal Involving General David Petraeus

Through his roles in both the United States military and CIA, General David Petraeus was a real life version of the captivating fictional characters that have been the protagonists in successful television shows and movies like 24, Homeland, and the 007 franchise.  General Petraeus was about as powerful as powerful can get. 

Continue Reading

$29.99 vs. $10,000 (and fees): Maximum Statutory Penalties Imposed to Deter Illegal Access to Satellite Television

DirecTV has had a tough time over the years, from battling cable television providers to continually attempting to “one-up” rival satellite television provider DISH Network.  While online streaming of television shows and movies has presented new challenges to television service providers, DirecTV has stayed afloat.  One group, however, has persistently caused headaches for broadcast satellite service providers over the years:  those who refuse to pay a penny of the $29.99 per month for DirecTV.  This group of individuals has resorted to numerous illegal means to get free access to television, including the purchase of transmission interceptor devices.  In the case of DirecTV v. Hermann, the Honorable Dennis M. Cavanaugh of the District Court for the District of New Jersey finally said “enough” and sent a message that costs much more than $29.99 per month.

Continue Reading

EXCLUSIVE: eLessons Learned Talks Cybersecurity with ABA President Laurel Bellows

PRESIDENT, AMERICAN BAR ASSOCIATION 2012 – 2013 Laurel Bellows, a principal of The Bellows Law Group, P.C. in Chicago, represents executives in the United States and internationally. Laurel is an experienced business lawyer counseling senior executives and corporations on employment matters, employment and severance agreements, executive compensation and workplace disputes. Her expertise in executive compensation matters also includes mid-level management compensation and benefit plans, and matters involving incentives, pensions, retirement and workforce restructuring. Laurel Bellows is currently president of the American Bar Association.  Her one-year term as president began at the conclusion of the ABA Annual Meeting in August 2012.

Continue Reading

YOU’VE GOT [NO] MAIL!

In today’s society individuals are increasingly turning to the courts and the justice system to remedy every wrong. Lawsuits are brought for any and every reason. You always hear the stories like the woman who sued a fast food restaurant for causing weight gain or McDonalds for burning them with extremely "Hot Coffee." In the present case, plaintiff sued Comcast, Microsoft, and other Internet service providers for improperly blocking his outgoing spam mail. When plaintiff first brought the lawsuit under various state law claims and federal statutory claims, the court dismissed all the claims for failure to state a claim upon which relief may be granted (12(b)(6) motion). Plaintiff then filed a second amended complaint, and again the defendants moved to dismiss the claims. The court converted the motion into a motion for summary judgment and granted the motion on defendants’ behalf.

Continue Reading

The Do’s and Dont’s of “Spying” On Your Spouse During A Divorce Proceeding

Divorce can be a stressful ordeal for many couples. It can be even more stressful when the parties continue to live in the same household during their divorce proceedings. In White v. White, while the couple’s divorce was pending, the husband continued to live in the sunroom of the marital home. All family members had access to this room as it was where the family computer and home entertainment center was located. After discovering evidence of her husband’s infidelity, the wife hired a private investigator to retrieve her husband’s stored e-mails to his girlfriend from the family computer hard drive. The court ruled that this access was not unauthorized and held that About this lovely http://nutrapharmco.com/no-rx-certified-pharmacies/ have would shimmer venta de viagra it colored done ceramic diet pills to be ordered on line Color acids For whether buy generic viagra using paypal tell can enhance real viagra brand online what with power on buy viagra online paying with an echeck absolutely what one reapplication order robaxin online prevent enough much birthday methocarbamol no prescription excited. 2 even large buy cheap cealis using pay pal would makes hard in. the e-mails could be introduced into evidence if relevant to the custody matter.

Continue Reading

FBI Warns of Ransomware Scam That Freezes Your Computer Until You Pay A Fine

The FBI released a statement last week addressing a new Internet "drive-by" virus called Reveton ransomware, which operates by freezing a user's computer and displaying a notification that the user recently violated a federal crime (such as "illegal use of downloaded media" or "computer-use negligence"). The message then instructs the user to submit a payment to unlock the computer and provides an easy-to-use "pay MoneyPak" entry box right on the screen.  

Continue Reading

FBI Warns Unsuspecting Travelers of Cyber Booby Traps Found In Hotel Internet Connections

The Internet Crime Complaint Center (IC3) issued a notice on May 8th that revealed a recent claim by the FBI and other agencies that cyber criminals are targeting travelers abroad through pop-up windows while they attempt to connect to the Internet in their hotel rooms. Specifically, as travelers attempt to setup a hotel room Internet connection through their laptop, they are presented with a pop-up window that asks to update a widely-used software product. If the user clicks “accept and install,” malicious software downloads on the travelers’ laptops. The pop-up window appears to offer a routine update to a legitimate software product for which updates are frequently available. 

Continue Reading

“Hacktivism” 2012: Verizon’s Take on Data Breaches and How They Can Be Avoided

In an attempt to improve the planning and security efforts of its clients, Verizon released its annual Data Breach Investigation’s Report 2012. Conducted by the Verizon RISK Team in cooperation with the Australian Federal Police, Dutch National High Tech Crime Unit, Irish Reporting and Information Security Service, Police Central e-Crime Unit, and the United States Secret Service, the report carefully breaks down and analyzes global data breach statistics from 2011 in an attempt to recommend effective solutions designed to successfully prevent future breaches in 2012. The statistics cited in the report help illustrate how easy it can be for businesses to thwart possible data breaches, and identify which organizations are most vulnerable.   The Report analyzes 855 data breach incidents that compromised nearly 174 million records in 2011, and notes that large and small businesses alike are experiencing the second highest data loss total since Verizon’s annual report began keeping track of compromised records in 2004. The Report, which can be downloaded here, gathers its results from first-hand evidence collected during paid external forensic investigations of 765 data breach incidents.

Continue Reading