blackhat earning methods legality and risks

Black Hat: How cybersecurity incidents can become legal minefields
Facing a cyberattack? Pick up the phone and talk to legal help as well as incident response.

BLACK HAT USA: When a company becomes the victim of a cyberattack, executives are faced with a tsunami of challenges: containing a breach, remediation, informing customers and stakeholders, identifying those responsible, and conducting a forensic analysis of the incident — to name but a few.

black hat usa
CISA to partner with Amazon, Google, Microsoft, Verizon, AT&T and more for cyberdefense initiative
Enterprise players face ‘one-two-punch’ extortion in ransomware attacks
How cybersecurity incidents can become legal minefields
There’s been a rise in stalkerware. And the tech abuse problem goes beyond smartphones
This is how a naive NSA staffer helped build an offensive UAE security branch
IoT mischief takes neighborly revenge to the next level in a capsule hotel
Security researchers warn of vulnerabilities in hospital pneumatic tube systems
However, it is not just the real-world issues faced, in the now, that businesses have to tackle: the legal ramifications of a security incident have become more important than ever to consider.

Speaking to attendees at Black Hat USA in Las Vegas, Nick Merker, partner at Indianapolis-based legal firm Ice Miller LLP said that before becoming a lawyer, he worked as an information security professional — and this experience allowed him to transition into the legal field through a cybersecurity lens.

After being involved in the legal side of over 500 security incidents, including everything from the theft of a laptop to major ransomware incidents, Merker said that many of the pitfalls he experienced could have been “easily avoided with a simple conversation.”

When attorneys are brought into a cybersecurity incident, they need to consider areas including data protection standards (such as HIPAA or GDPR), insurance coverage, liability, the preservation of evidence, and the potential for lawsuits and class-action claims.

Robust IT systems are no longer enough to protect against the financial and reputational harm of cyberattacks, and it is up to legal teams to assist victims in making the right decisions in the aftermath.

According to Merker, during a cybersecurity incident, “IT professionals and security folks, people who are not lawyers, [often] find themselves in a weird solution where they need to think like a lawyer or at least have one there.”

One of the main issues that enterprise players need to consider is attorney-client privilege. The purpose of this is to make sure a client who wants to seek advice from an attorney can say what they want and retain confidentiality — and the attorney cannot be compelled to testify against them.

However, there are misconceptions surrounding this concept — not everything you say is privileged. It might be privileged communication but that doesn’t mean the subject matter is privileged, such as the disclosure of facts surrounding a data breach or cyberattack.

“This does not mean that the underlying factors of a security incident are privileged,” the lawyer said. “This is an important thing to think about.”

If you want to retain privilege, then you need to “paper up” and make sure there are defined lines between investigations, reports, and forensic activity. Specifically, if you want investigations to be privileged, they should be done separately and apart from ordinary business investigations.

A “100 percent, separate team should be in place” and any reports on an incident should be “only used for litigation preparedness rather than as a business-outcome report,” Merker commented.

In addition, it should be noted that corporations can waive privilege, but they cannot necessarily cherry-pick which areas to waive. It may be an “all or nothing” approach in some jurisdictions, and rather than “having your cake and eating it too,” attempts to do so can create further legal challenges.

ZDNET recommends
The best cyber insurance
The cyber insurance industry is likely to go mainstream and is a simple cost of doing business. Here are a few options to consider.

Read now
An example given is a document submitted in court with redactions, whereas the full document, without redactions, was provided to regulators. It may be that this attempt to partly utilize privilege could fail.

In addition, privileged information should stay within protected walls. The lawyer says that if information is shared, such as through an email or by the watercooler, this could result in deposition and could be considered a waiver of privilege.

Another area of legal concern relates to OFAC’s recent warning on potential sanctions when ransomware payments are approved — especially if someone ends up paying as part of a criminal chain that lands in an area with economic restrictions, such as Iran or Cuba. This can create individual or corporate liability and prompt heavy penalties — or even jail time.

If you’re in a ransomware event and you need to pay the ransom in order to get back online, Merker says you should have a risk-based compliance program; a robust structure and risk assessments for whether or not you will pay a threat actor, and you should engage law enforcement immediately. This could be a significant factor determining the eventual outcome, the legal expert noted.

“[Also] getting in touch with us quickly is what you want to do,” Merker added.

Merker emphasised that companies more often “need to actually use an incident response plan in an incident situation,” and said that documentation should be a key focus. Timelines, logs, major decisions, and status summaries should be kept as regulators — or plaintiffs – will be asking questions, and you need to know “what you did, and why you did it.”

“You need to build up a story of what you actually did as a company,” Merker says. “This will also protect the chain of custody [and] you want to make sure you don’t accidentally waive privilege.”

Previous and related coverage
Black Hat: When penetration testing earns you a felony arrest record
Charges dropped against Coalfire security team who broke into courthouse during pen test
Cybersecurity firms battle DMCA rules over good-faith research
Have a tip? Get in touch securely

Add comment


1xbet 35 Accs market 35 Ad Invalid Click Protector 35 Ad Serving Limits 35 Admob 36 ads limit 37 adsense approval 48 Adsense Approval Courses 36 Adsense Arbitrage 177 Adsense Arbitrage Courses 37 ADSENSE ARBITRAGE method 34 adsense blackhat 41 adsense bot 36 adsense click bot 35 adsense earnings 49 adsense loading 40 adsense tiktok 35 AdSense traffic 36 adsterra 51 adsterra arbitrage 36 adsterra earnings 36 Adventure 34 Affiliate Marketing Method 64 Ancient History 73 Android Apps 35 Animals 34 App Development 35 Arbitrage Method 38 Autoblog 35 autopilot passive income 35 Autopilot Websites 39 Blogger 36 bot 36 Bots 35 Boxing 34 Business 34 Car Racing 34 Celebrity News 77 Cooking 34 CPA build 44 CPA earnings 37 CPA grip 40 CPA marketing 34 cpagrip payment method 35 CPAlead 35 crypto 35 Cryptocurrency 35 diabolic traffic bot 35 ebay 37 ebay earnings 37 Education 2 Epic traffic 2 facebook ads 3 Fake traffic 1 Fiverr 3 Freelancer 1 freelancing 1 Google Admob 1 Google Ads 1 google adsense 31 hooligan media 1 Information 1 Interview 4 Invalid Traffic 1 Job Alerts 10 Job Seeking 1 monetized youtube channel 10 Monetized YouTube Channels 1 Motivational 37 Movies 42 Native Ads 4 Native advertising 1 ogads 4 Old School Cars 35 Online Courses 1 Online Shop 1 Passive Income 38 picoworkers 1 Prolancer 2 Propeller Ads 1 PSYCHIDELICS 22 Ready Monetized 5 Reddit 3 Reddit Ads 1 serving limited 1 Shopify 3 shopify dropshipping 1 shopify earnings 2 shopify sales 1 Stocks earnings 1 Stocks Trade 1 Taboola 3 Taboola ads 3 tiktok ads 1 Traffic Arbitrage 1 traffic arbitrage cpa 2 traffic bot 2 traffic generator 2 Uncategorized 1709 warrior plus 1 WarriorPlus 1 website traffic 10 youtube channel 15 YouTube Channels For Sale 6 youtube earnings 7 youtube monetization 8 Youtube shorts 1 youtube subscribers 2 YouTube Videos 2 youtube views 3

Sign up to receive the latest
updates and news

© 2023 - Techyrack