Examining the Global Impact of AI + Cyber + Data + Privacy + Law = Business Risk
This past week the blogosphere brought a great deal of attention to the case Battelle Energy Alliance, LLC v. Southfork Security, Inc., 2013 WL 5637747 (D. Idaho Oct. 15, 2013), by claiming it held that if you call yourself a “hacker” you could lose your 4th Amendment rights. My friend Michael @theprez98 (a veteran, white-hat hacker, and student …
Continue reading “Video: How Does Calling Yourself a “Hacker” Impact Your Rights In Court?”
Today I had the honor of speaking at the Combating Corporate Espionage: Protecting Your Organization From “hackers, insiders & fraudster” seminar with Jarrett Kolthoff and David Major. Jarrett is the CEO of SpearTip Cyber Counterintelligence; he and I have worked together quite a bit so he first impressed me long ago with the depth of his …
Continue reading “Combating Corporate Espionage Seminar – Prezi and a few thoughts”
A Kentucky man was convicted of violating the Computer Fraud and Abuse Act for hacking into specific accounts on the website sodahead.com and replacing purported racist and homophobic content with less offensive content. Michael Pullen was able to hack into the accounts by exploiting a software vulnerability. The man was sentenced to 5 months in …
Continue reading “Hacker Sentenced to 5 Months Under CFAA for Hacking SodaHead.com Accounts”
In denying a motion to dismiss a civil Computer Fraud and Abuse Act claim, a district court found that a departing employee’s purported cover-up of nefarious activity by deleting e-mails from his “sent” and “deleted items” folders on Plaintiffs’ computer system was sufficient to allege damage pursuant to 18 U.S.C. § 1030(c)(4)(A)(i) which provision, however, does not address the issue …
TAKEAWAY: Businesses (and anyone else) that allow others to access to their computers should have contractual agreements with those persons that clearly specify the restrictions on their authorization to access and use the computers and data. This is the lesson of United States v. Cave, 2013 WL 3766550 (D. Neb. July 16, 2013), a case in which …
Continue reading “District Court Finds Breach of Contractual Limits on Access Violates the CFAA”
On October 3, 2013, a federal grand jury in Virginia indicted 13 members of Anonymous for conspiracy premised on underlying violations of the Computer Fraud and Abuse Act, 18 U.S.C. § 1030 (CFAA). Those indicted allegedly committed a DDoS attack (distributed denial of service) on certain websites. The indictment (download) has, yet again, stirred up …
Continue reading “Yes, Case Law Says It Really Is A CFAA Violation To DDoS A Website”
New #employment related #CFAA access case: RoadLink Workforce Solutions, L.L.C. v. Malpass http://t.co/6iiAWLNwFn RT @CFAAdigest
Takeaway: Companies that follow these 3 steps can use the Computer Fraud and Abuse Act as a tool to combat the misuse of their computers (and information) by (1) actively monitoring for misuses, (2) taking reasonable steps to actively resist and prevent such misuses, and (3) clearly notifying the transgressor that his authorization has been …
A couple of years ago I blogged about (what was then) the hypothetical question of whether hacking a car would violate the Computer Fraud and Abuse Act. Since that time we have seen the idea of hacking a car become a reality. I have written updated blog posts in shared a video showing how hackers …
Continue reading “Hackers continue to exploit vulnerabilities in car computer systems”
SUMMARY: The two year statute of limitations for Computer Fraud and Abuse Act claim began to run when the plaintiff had an awareness of an unauthorized access into its computer system even if the plaintiff did not know the identity of the alleged perpetrator at that time. This is an update on a previous post: Two …
You must be logged in to post a comment.