Articles Posted in Cybersecurity

Smart devices are being sold to consumers and businesses on a regular basis. They include smart phones, smart cars, smart televisions, smart thermostats, smart doorbells, smart bulbs, smart locks, smart watches, smart speakers, smart refrigerators, and other electronic devices. These smart devices can be recording you or collecting personal data without your knowledge or consent.

Privacy in the internet and technology age has become a major concern. This is primarily due to the existence and availability of smart devices which are even referred to as “smart spies” because they can record and transfer personal information to the hackers who use technical flaws to install spyware. This is why it’s important to review the security settings of the smart device on a regular basis. For example, smart televisions are connected to the internet, and if they are hacked into, they can easily be used for nefarious purposes. Smart speakers and digital assistants are listening to voices and that is why they can be a threat source for their users. They are constantly collecting information with or without the user’s knowledge or consent. There may be a way to delete the recently-recorded information by telling the smart device to delete the last conversation but consumers should read the user’s manual to learn about the options.

Smart doorbells, which are part of a home’s security surveillance system, have cameras and are connected to the internet. Therefore, they can be hacked into and used to record activities. For example, Ring has been questioned for sharing video recordings with police departments and third-party service providers such as Facebook and Google without the user’s knowledge or consent. It is important to view the “authorized client devices” feature to understand which device is accessing the account.

Internet fraud and scams have exponentially increased in recent years. There are several reasons for this development which include the expansion of technology and usage of electronic devices in our daily lives.

The fraudsters find different ways to retrieve sensitive or confidential information in order to commit their crimes. For example, they may extract the information by dumpster diving next to corporations and financial institutions. There have been cases where sensitive information of a corporation’s employees was extracted without authorization. They may also engage in “shoulder surfing” which is another way to surreptitiously extract confidential information from the unsuspecting victim. These activities usually take place close to a bank’s ATM in order to steal the victim’s debit card PIN. They can also use what is referred to as a “skimming device” as a way to obtain sensitive information from debit or credit cards. These devices can be placed on ATMs to procure the confidential information without suspicion. The fraudsters can also obtain sensitive or confidential information by breaking and entering into the victim’s property. This way, they can look into the victim’s house or vehicle for valuable items or confidential documents.

There is a long list of internet fraud methods such as auction scams, rental scams, dating scams, lottery scams, and charity scams. The criminals are finding new ways to trick their victims into relinquishing valuable information – e.g., address, telephone, date-of-birth, social security number, debit or credit card number. Social engineering is another method to obtain information which is usually done by gaining the victim’s trust. It has become one of the main methods for extracting valuable information from unsuspecting victims. The internet allows culprits to anonymously communicate with their victims which is the major issue in lawsuits simply because it takes time and effort to launch an investigation. Our law firm is able to unmask the anonymous culprit’s identity by using the proper tools and techniques. We have access to a network of experts and investigators who can help our clients. We have also established relationships with local, state, and federal law enforcement agencies.

Sextortion is a type of online blackmail. It’s one kind of sexual exploitation that takes place on the internet when an anonymous individual threatens to distribute the victim’s explicit videos or pictures if he or she does not comply with the demands which can include transferring funds through digital currencies. The culprit may use a webcam to extract private information and make threats to harm the victim if the victim fails or refuses to comply with the demands.

The culprit usually follows his victims on websites and chatrooms to gain their trust. The culprit may send a message to the victim that has malware in an effort to hack into the victim’s electronic devices. The victim can make the mistake of clicking on the link which releases the virus on to the computer. The infected computer is now compromised and can be used for nefarious purposes.

The courts have been dealing with sextortion since it is a new problem in the technology age. The law prohibits the non-consensual dissemination of intimate pictures or videos but the litigants or their lawyers have been using laws related to harassment, extortion, bribery, or child pornography. For example, 18 U.S.C. § 2251 prohibits sexual exploitation of children. The following federal statutes could be relevant to these activities: 18 U.S.C. § 2252, 18 U.S.C. § 2422, and 18 U.S.C. § 875.

There are state and federal privacy laws that are applicable to consumers and commercial organizations. There has been much activity with the collection and distribution of private or confidential information in recent years. Personal information can be collected through several methods such as voluntary disclosures, cookies, website bugs, tracking software, malware (e.g., worms, trojans, spyware), and phishing. For example, tracking software can be used to collect information but there must be proper disclosure. Nonetheless, criminals do not follow the rules or guidelines and it is a known fact they have access to the tools and techniques to extract customer information without obtaining authorization.

Personal information is certainly valuable to its owner. It is also valuable to a bad actor who is seeking to misuse the personal information without authorization. The bad actors who obtain personal information in a secretive manner are planning to gain a profit. They may engage in identity theft or online impersonation by using the wrongfully obtained personal information. Identity theft has caused a significant amount of monetary damages to the victims. There are state and federal laws that prohibit identity theft in every jurisdiction. The National Conference of State Legislatures provides a comprehensive list of these laws. In California, the following state laws prohibit identity theft and provide remedies:

1. California Penal Code § 368: It prohibits identity theft against elders and disabled persons;

Quantum computing technology will certainly have an effect on state, federal, and international laws. A quantum computer is a much more capable electronic device and has the ability to process data faster.  In general, computers can manage, control, and process information by using individual bits that store information as binary 0 and 1 states. The so-called “bits” are electrical or optical pulses that come in the form of 0s and 1s. Now, quantum computers leverage quantum mechanics to process information by depending on quantum bits – i.e., qubits. The so-called “qubits” are subatomic particles like electrons or photons that are isolated in a controlled quantum state.

What is a quantum computer?

A quantum computer is a complicated electronic device that has several components such as a Qubit Signal Amplifier, Input Microwave Lines, Superconducting Coaxial Lines, Cryogenic Isolators, Quantum Amplifiers, Cryoperm Shield, and Mixing Chamber. It is a sophisticated system that works through “quantum superposition” and “quantum entanglement” for enhanced computing processes.

Cryptojacking (or “malicious cryptomining”) happens when the culprits hijack a third party’s network bandwidth without authorization to use for their cryptocurrency mining efforts. The malicious software conceals itself on the electronic communication device and utilizes its resources. Obviously, the culprits engage in such clandestine activities to gain profit or else they would spend their time and energy on other matters.

Cryptocurrencies are digital funds stored on electronic wallets (also known as “virtual wallets”) that are encrypted and exist on electronic communication devices. They are considered a new kind of digital assets. Coins are cryptocurrency units which are entered into a database for recording the transactions. The digital transaction takes place online between the virtual wallet owners and recorded on a public ledger. Then, special computers transform the digital transaction into a complicated mathematical puzzle, and thereafter miners independently solve and confirm the digital transaction. The reward for solving the mathematical puzzle is to receive a new cryptocoin. So, as time has progressed, the mining efforts have increased and caused a significant amount of money to be spent on the process. There are miners who have created “computer farms” and dedicated a vast amount of specialized hardware and software programs.

Unfortunately, in most cases, when you fall victim to cryptojacking it will go unnoticed. You may realize your electronic communication devices are slowing down or using too much bandwidth even though it’s not necessary. There are reports indicating the culprits have been detected on mobile devices, cloud servers, and critical datacenters. Now, some companies have been able to defend against cryptojacking by upgrading browsers and malware scanners. However, as always, the culprits will try to circumvent these defense mechanisms. For example, there is a report from an international cybersecurity firm confirming a cryptojacking campaign against a specific brand of routers. This attack exploited a flaw in the network routers and infected them. So, in short, the culprits used the flaw to promote their cryptojacking scheme.