If you are a healthcare provider, you need to prepare yourself now for the new reality that, when hackers get into your network, they will contact your patients to put pressure on you to pay their ransom demands — usually after they have encrypted your network. Here is an example from a recent case that … Continue reading Healthcare Providers – Are You Prepared for Hackers to Tell Your Patients About Your Ransomware and Data Breach?
There is more and more talk about companies hacking back against those who attack them in cyber space and whether allowing them to take such measures is a good idea. Right now, hacking back, or active defense, as it is often called, is illegal under the federal unauthorized access law, the Computer Fraud and Abuse … Continue reading What does it mean to “hack back” and is it a good idea?
In United States v. Anastasio N. Laoutaris, 2018 WL 614943 (5th Cir. Jan. 29, 2018), the United States Fifth Circuit Court of Appeals affirmed a jury verdict finding Laoutaris guilty of two counts of computer intrusion causing damage, in violation of 18 U.S.C. § 1030(a)(5)(A) and (c)(4)(B)(i) of the Computer Fraud and Abuse Act. Laoutaris … Continue reading Fifth Circuit Upholds CFAA Conviction for Former Employee’s Misuse Causing Damage Based on Circumstantial Evidence
Hear Shawn Tuma interviewed on News Radio 570 KLIF - Experts: Update Settings and Download Updates to Protect from “Meltdown” and “Spectre” CLICK HERE if you are impatient and only want to know what you should do ASAP to protect against Spectre and Meltdown With Y2K we had a warning. So much of a warning that … Continue reading Y2K18? Are #Spectre and #Meltdown the Y2K Apocalypse, Eighteen Years Late?
As a teaser to my presentation at SecureWorld - Dallas last week, I did a brief interview with SecureWorld and talked about three of the points I would make in my lunch keynote, The Legal Case for Cybersecurity. If you're going to SecureWorld - Denver next week, join me for the lunch keynote on Thursday (11/2) … Continue reading 3 Legal Points for InfoSec Teams to Consider Before an Incident