More Cyber Criminals Targeting your Identity, Including Bad Guys in China!

27 February 2015 Internet, IT & e-Discovery Blog Blog
Authors: Peter Vogel

According to a recent report groups in “China continue to target Western interests, but there has been a shift in focus from the theft of intellectual property to identity information” according to BusinessInsurance.com which drew these conclusions from a February 23, 2015 recent HP report entitled “HP Security Research, Cyber Risk Report 2015” which also stated:

Activity in the cyber underground primarily consists of cyber crime involving identity theft and other crimes that can be easily monetized.

The 7 key themes of the HP Report are:

Theme #1: Well-known attacks still commonplace – Based on our research into exploit trends in 2014, attackers continue to leverage well-known techniques to successfully compromise systems and networks. Many vulnerabilities exploited in 2014 took advantage of code written many years ago—some are even decades old.

Theme #2: Misconfigurations are still a problem – The HP Cyber Risk Report 2013 documented how many  vulnerabilities reported were related to server misconfiguration.

Theme #3: Newer technologies, new avenues of attack – As new technologies are introduced into the computing ecosystem, they bring with them new attack surfaces and security challenges.

Theme #4: Gains by determined adversaries  – Attackers use both old and new vulnerabilities to penetrate all traditional levels of defenses.  They maintain access to victim systems by choosing attack tools that will not show on the radar of anti-malware and other technologies.

Theme #5: Cyber-security legislation on the horizon – Activity in both European and U.S. courts linked information security and data privacy more closely than ever. As legislative and regulatory bodies consider how to raise the general level of security in the public and private spheres, the avalanche of reported retail breaches in 2014 spurred increased concern over how individuals and corporations are affected once private data is exfiltrated and misused.

Theme #6: The challenge of secure coding – The primary causes of commonly exploited software vulnerabilities are consistently defects, bugs, and logic flaws.

Theme #7: Complementary protection technologies – In May 2014, Symantec’s senior vice president Brian Dye declared antivirus dead and the industry responded with a resounding “no, it is not.” Both are right. Mr. Dye’s point is that AV only catches 45 percent of cyber-attacks —a truly abysmal rate.

No surprises in this HP report!

This blog is made available by Foley & Lardner LLP (“Foley” or “the Firm”) for informational purposes only. It is not meant to convey the Firm’s legal position on behalf of any client, nor is it intended to convey specific legal advice. Any opinions expressed in this article do not necessarily reflect the views of Foley & Lardner LLP, its partners, or its clients. Accordingly, do not act upon this information without seeking counsel from a licensed attorney. This blog is not intended to create, and receipt of it does not constitute, an attorney-client relationship. Communicating with Foley through this website by email, blog post, or otherwise, does not create an attorney-client relationship for any legal matter. Therefore, any communication or material you transmit to Foley through this blog, whether by email, blog post or any other manner, will not be treated as confidential or proprietary. The information on this blog is published “AS IS” and is not guaranteed to be complete, accurate, and or up-to-date. Foley makes no representations or warranties of any kind, express or implied, as to the operation or content of the site. Foley expressly disclaims all other guarantees, warranties, conditions and representations of any kind, either express or implied, whether arising under any statute, law, commercial use or otherwise, including implied warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Foley or any of its partners, officers, employees, agents or affiliates be liable, directly or indirectly, under any theory of law (contract, tort, negligence or otherwise), to you or anyone else, for any claims, losses or damages, direct, indirect special, incidental, punitive or consequential, resulting from or occasioned by the creation, use of or reliance on this site (including information and other content) or any third party websites or the information, resources or material accessed through any such websites. In some jurisdictions, the contents of this blog may be considered Attorney Advertising. If applicable, please note that prior results do not guarantee a similar outcome. Photographs are for dramatization purposes only and may include models. Likenesses do not necessarily imply current client, partnership or employee status.

Authors

Related Services

Insights

The DOL Tries to Say Goodbye—And Seriously, We Mean It—to the 80/20 Rule for Tipped Employees
21 October 2019
Labor & Employment Law Perspectives
To Stalk or Not to Stalk . . . That Is the Question – Using Social Media for Applicant Review
21 October 2019
Labor & Employment Law Perspectives
New Patent Subject Matter Eligibility Updates Seeks Examination Predictability
21 October 2019
Legal News: Intellectual Property
Cryptocurrency in China is like BIG BROTHER in 1984!
20 October 2019
Internet, IT & e-Discovery Blog
PATH Summit 2019
18-20 December 2019
Arlington, VA
MedTech Impact Expo & Conference
13-15 December 2019
Las Vegas, NV
Review of 2020 Medicare Changes for Telehealth
11 December 2019
Member Call
BRG Healthcare Leadership Conference
06 December 2019
Washington, D.C.