From Russia (and Asia) with Love: Cyber Warfare and the growth of State-Sponsored Hacking

By Joseph Raczynski

The 5th Annual Law Firm CFO/CIO/COO Forum

The scope of the threats to law firm data is global. In this panel discussion at the Data Privacy, Security & the Globalized Law Firm CFO/CIO/COO Forum, a country-by-country breakdown of dangers was discussed while the audience absorbed the magnitude of the panel's concern.

Eben Kaplan, Senior Consultant, Control Risks; Josh Goldfarb, CTO, FireEye; Jay Healey, Senior Research Scholar, Columbia University; Robert Knake, Senior Fellow for Cyber Privacy, Council on Foreign Relations; and Daniel Sutherland, Associate General Counsel, Homeland Security, demonstrated that each entity had various motives and techniques for cyber-attacks.

Who, Why, and How?

Who: China – They have a defined plan with tactics and procedures.

  • Why: They are primarily seeking intellectual property, with a new focus on firms that retain such information, especially those with newer IP clients (Target: Silicon Valley – DC-based firms)
  • How: They focus on social engineering
    • Text messages, spear phishing
    • Looking for the weakest link at the firm – someone who will click a link
    • Watering hole attack – In this tactic, China compromises a trusted third-party site that the primary target would not suspect; when the target visits the site, it in turn becomes infected. Example: A famous think tank's website is compromised – a Big Law firm goes to the site and gets infected… the target was the Big Law firm, and it got infected indirectly.

Who: Russia – They are one of the most experienced countries at hacking.

  • Why: Money, but increasingly they are focused on IP, so law firms should be aware of this.
    • They are quieter and more careful than China
  • How: They are using more botnets, worms and malware than China

One interesting concern expressed on the panel is that Russia is very worrisome for the United States at the moment.  The rule of thumb was that countries which could hurt the US years ago did not because they did not have a desire to do so.  On the other side, those who wished to do harm did not have the bandwidth.  This has changed.  Putin is leading Russia down the road of an attack on the US, and they have the skills and bandwidth to do significant harm.

Who: North Korea – They are still new in this arena but improving quickly.

  • Why: Political
  • How: Uniquely, North Korea is buying its capability to attack from the Dark Web, or hackers for hire. They used black hat hackers to launch the Sony attack and it was very successful.
    • They are brazen in their approach but until recently have not been as interested in law firms.

Who: Iran – They too are improving quickly

  • Why: Political
  • How: They have started leveraging worms that were used on them by other countries like Israel.

The Saudi Aramco Wiper Worm was a virus/worm supposedly created by Israel and launched on the Saudi company’s network.  It reportedly wiped clean 75% of the world’s most profitable company’s computers and left only an image of a burning American Flag.  Iran may have adapted the worm from something that had been launched on them years before by Israel.

The thrust of the panel discussion was that the threats to law firms are far and wide. While some nation states have not traditionally sought out law firms, there is keen interest in IP and M&A information. In closing, Josh Goldfarb, CTO, FireEye, mentioned some startling statistics. While they were installing hardware on their customer networks, many of which were law firms, they found that, of 1,216 customers tested, 97% were compromised. Even more fascinating was that 25% of those compromised networks were compromised by other nation states. This underscored the importance of understanding who is knocking at your firewall and what they are seeking.

 

 

Twitter the Next Biggest Connective Development for Humans

By Joseph Raczynski

“Twitter could be the next biggest connective development for humans, bigger than TV.”

That is what someone who has been working with the development of Twitter told the audience at a legal technology conference I was at in NYC a few months ago.

Here is the rationale. Think of Twitter as an army of millions of mobile reporters. People tweet all over the world. People tweet in war zones, at major events, but more importantly they tweet where an event happens and there are no news reporters available, yet. They are the first-person, on-the-scene accounts.

The key to this whole development is the open API, which allows anyone to create applications so that Tweets can be gathered, processed and understood en masse.

News companies are major adopters of reading Tweets. In fact, there is an application that categorizes Tweets coming from different parts of the world, or state, or topic area. They search on key words like “Middle East” or “Bomb” or “Providence”… whatever you can imagine. They have huge digital boards, and people can monitor all the activity of the tweets that come in, and see what that army of millions of mobile reporters is saying. To make this all better… People can also send pictures, and I see video is not too far behind. So think about a breakout of a mob in Southie… people would Tweet on that and send pictures far before some news crew could get there. It is like news immediately, even more immediate than what we have traditionally thought of as immediate.

The big part that people miss is the search function. Go to http://search.twitter.com; from that site you can search on anything you like. Look for a restaurant in your area that you wonder about. People probably have tweeted about it. Marketing companies are finally seeing this as a way to find out what people think about goods or services in real time.

When you tweet, you are actually tweeting to the whole world, so ask a question, and you are likely to get an answer.  The bigger following you have the better the response.  When I was in NYC I asked about a restaurant… I said, “What do people think of 5 Napkin Burger”?  And via my immediate responses, I got a good sense that the place is damn solid.

So from my vantage point, it is a cool app, in its infancy. There is way more to it than some guy saying, “I just ate a whole cherry pie.” Seriously, it will make waves for a reason, and will continue to do so.