Send an Email

Hackers For Hire Target Law Firms

It appears, in the latest cyber report that hackers for hire, named ‘Dark Basin’ by researchers, have set their sights on the legal industry.

The group is said to have used the notoriously common and most successful cybercrime tool, phishing to dupe those in the legal sector to reveal personal details.

The University of Toronto completed a study that has revealed that the group has targeted thousands of individuals and organizations across six continents.

Read more…

Surveillance Law | Enhanced View

Essentially, surveillance enhanced view allows one to view a scene with more clarity and detail by increasing or improving in value, quality, desirability, or attractiveness.

Currently, there are no existing laws regarding enhanced view, but rather guidelines outlined in rulings determined on a case-by-case basis.

During any given surveillance, there can be three forms of enhanced view. They include:

  1. Assuming an aided, unnatural, or contorted position
  2. Illuminating an otherwise darkened area
  3. Magnifying what is visible to the “naked” eye, or otherwise not visible

The use of enhancement devices, in and of themselves, are lawful. Surveillance professionals often use tools that can magnify a view, such as binoculars and zoom lenses on cameras and camcorders. Using such methods has been upheld in many instances as constitutionally proper; however, not all enhanced views are appropriate. Until such time that the Supreme court addresses the issue of enhancement methods or tools, the lower courts will continue to use their discretion in determining which enhancements are lawful.

Let’s address some of these issues. The lawfulness of the surveillance is often determined by the positioning of the investigator in relation to the location of the subject.  To avoid this jeopardy, the professional investigator must frequently assess, “to what extent are my enhancement efforts violating a subject’s expectation of privacy?”

We have not yet seen decisions on surveillance of activities on public streets or other public areas being a violation of the Fourth Amendment. However, surveillance in public areas such as public restrooms or dressing rooms, and locker rooms, may violate the civil rights of those viewed.

The courts have established specific guidelines of visual enhancements when the area under observation is more private, such as a home or fenced yard; however, those guidelines vary in different jurisdictions. In that light, an investigator may observe a home from public areas, such as parking lots, public streets, or any area that can be accessed by the public.

Courts support photographing activities that can be seen with unaided vision or enlarging photographs that merely enable one to see items that were in plain view, though in greater detail.  In the opinion of the courts, guidelines for using mechanical devices to enhance a view into the home also differ dramatically.

Can a surveillance professional use an enhancement device to view from a distance (to avoid detection) any activity that could have been observed with the unaided vision from a closer vantage point, i.e., enhanced views that are confined to the window area of a residence? Yes. Any activity viewed inside the home must be viewable from a public space. Courts look more favorably on the use of enhancement devices, which simply confirm those activities observed with unaided vision.  An enhanced view is lawful in instances when the observations are not in an attempt to see something that is not in plain view without the enhancement device.

Finally, it is important to remember that each situation is uniquely different when dealing with legal issues of enhanced views.  In general, visual enhancement devices are not illegal, however, their application relates to specific parameters.  These parameters are determined by the particular area in which the effort is conducted and the protections that area affords to the people in these areas.  The protections may be established by a subject’s reasonable expectations as well as the efforts of the subject to ensure privacy.

This article is not intended to provide legal advice. It is the sole opinion of the author. Be sure to seek professional legal guidance. And perhaps equally as necessary, communicate what you are doing with your client as they would likely experience any adverse outcome of a surveillance operator’s illegal or unethical activities.

For further information about our professional surveillance capabilities, call (253) 852-7000 or complete the online Contact Form.

Mom reaches $2 million settlement with apartment owner

Naomi Jones’ mother has reached a settlement with Aspen Village Apartments’ management and ownership in a lawsuit alleging negligent security at the complex led to her 12-year-old daughter’s murder.

On Monday, attorneys for Shantara Hurry announced they had settled with apartment complex owner, Aspen Village Acquisition LLC, for $2 million. Hurry also reached a settlement with the management group, Progressive Management of America Inc., under confidential terms.

Hurry said she hopes the case causes other apartment complex owners to improve their standards of monitoring who is living or visiting a property.

Read the rest of the story here.

Tenant Blames Shooting on Lack of Security After Drug Arrests

An Opa-locka tenant who was shot after confronting a drug dealer claimed the landlord should have boosted security after 10 drugs arrests in three years.

A tenant who was shot outside his Opa-locka apartment complex reached a $1 million settlement in a negligent-security lawsuit against the property owner.

Read more in this article by Law.com.

Warning As Millions Of Chinese-Made Cameras Can Be Hacked To Spy On Users: Report

Despite more awareness of the risks associated with Chinese surveillance equipment, the news this week that cameras from the world’s second-largest manufacturer of such devices can be used to secretly listen in to users still comes as a shock. Put simply, the newly disclosed backdoor vulnerability means that millions of cameras have been carrying the potential to be used as eavesdropping devices—even when the audio on the camera is disabled.

 

Read more in the article by Zak Doffman of Forbes Magazine.

Are you doing enough to protect your Intellectual Property?

We all know that intellectual property is the lifeblood of innovation, but are you doing enough to protect it?

Intellectual property (IP) plays an essential role in innovation, with new ideas perpetuating a successful economy. Information is a significant commodity of any business, of interest to competitors and third parties and has a high profile on a wide scale, particularly shown by recent interest around several foreign national companies.

Some businesses believe that their IP isn’t of much interest to anyone outside of their business and that their competitors aren’t a concern. However, what if the IP was simply harvested via a third-party, who picked it up as part of a wide-scale security breach, and then sold on the dark web or to targeted firms? Even if your IP isn’t of much interest in terms of face value, it causes other issues, including reputational damage. It can also bring significant financial penalties through regulatory breaches.

There are potentially thousands of subversive, third-party entities who want your data and can profit from it, one way or another. This undercuts any success a company may enjoy and may very well damage the future of the business. There is good news, however! You can deploy strategies to protect your IP, and these lessons can be applied across the entire business.

IP theft is on the rise, and the threat landscape is well beyond the days of “cloak and dagger”.

Your ideas are under attack

Step one of this process is understanding the nature of security threats to IP. Technological development and the interconnected nature of the digital world has made IP theft far easier than ever before, especially given that the majority of security breaches that go undetected.

If asked, can you be confident that an unauthorized IP intruder has not programmed your digital or VOIP desktop telephone or voice network to listen to conversations in any given room even when the phone is “on the hook”? Many do not realize this programming effort only takes a few seconds to deploy.

It’s also important to remember information can easily be accessed outside of the “secure” network, such as personal devices connected to corporate systems. Are these devices being continually assessed? Not a day goes by where we don’t see a news story of devices being discovered. Insiders can either intentionally or incidentally breach even the most secure environment.

And then there the common sense approach. Businesses must make sure critical information isn’t being left on printers or simply dropped in a paper bin. Is your secured shred bin secure? We find they rarely are. If you want to breach a company, being on the cleaning staff is an easy way to get access.

Defending against thieves

Both insider and outsider threats facing IP are significant, but there are steps which can be taken to effectively deter or defend against attackers and minimize the risk that innovative ideas are stolen. Identifying and assessing IP on a regualar basis is a necessary first step in protective measures. It’s also important to look at where and how and where your IP is both stored and secured, how it’s transferred within a company network, and perhaps most imporantly, who has access to it.

Next, how do you categorize your IP? What is potentially valuable to competitors or cyber thieves? Is it afforded higher levels of protection than standard data? In short, businesses should be considering all of the threats to that information and then assigning controls to those risks.

Company-wide improvements

Beyond technological defenses, there are additional steps that can be taken to benefit the business.

Educating company employees on a continual basis about threats such as spear phishing and social engineering is a good start.

Establish a thorough, frequently assessed human access control program. Recognize and reward program participants. Those human eyes and ears may very well be more important than the technology behind even the very best systems.

The instilling of a positive attitude towards continuous vigilance and process improvement will deliver significant day-to-day benefits for a company, which will extend far beyond protecting IP

Initiate an on-going, random schedule of surveillance countermeasures sweeps. Random so that the “watchers” will not know when. Scheduled as part of your continued diligence.

Defending innovative ideas is vital, but it doesn’t have to be done in isolation. Instead, it should form part of a broader IT security strategy that continually evolves and develops. A good way to ensure this continual improvement is to invest in implementing the ISO 27001 standard – is a best practive. Not doing so could be considered negligent.

We would appreciate an opportunity to share with you how we can either help you build a successful IP Security Program, or be an active, value-added partner in your ongoing efforts to protect your Intellectual Property from those intent on causing your business harm. For further information about how Trident can assist you, please contact us at (253) 852-7000

ASML Awarded $845M in Damages and an Injunction for IP Theft

On May 3, 2019, following a jury verdict rendered months earlier, a California court entered a final judgment for $845 million in favor of semiconductor maker, ASML, in its suit against rival, XTAL, for stealing trade secrets related to ASML’s lithography technology. More…

TIP: Damages in trade secret cases can be significant, as demonstrated by this case, which underscores the importance of companies taking proactive steps to be ready to effectively respond if theft occurs.

Do you have a Workplace Violence Policy and Emergency Management Plan?

Recent FBI/DOJ statistics show that workplace shooting events are on the rise. Leaders and managers are increasingly aware of the need to prepare for these threats. At the same time, research shows that the larger the organizations, the least amount of effort are given to effective and proper planning, preparation, and resiliency.

Shooting incidents are forcing the security sector to revisit best practices and standards in the effort to protect an organization’s assets and people. Take note gentle readers; a training class is not a best practice or standard! With what is a rise in frequency, scope, and severity of mass casualty attacks, organizations as a whole must fundamentally change how they react to violent events. We generally find that our cleints are significantly behind the curve.

As we revise planning and education procedures around active shooter incidents, research shows that we are not moving quickly enough to develop realistic training, drills, and scenarios to shape best-practice response efforts. Further, there is an ever-increasing need for more effective utilization of technology to better communicated and account for people in the heat of these attacks.

Emergency Management Cycle

Here are some important recommendations to consider:

  1. Establish a Workplace Violence Policy, and, Emergency Management Plan. Every organization needs a clear, concise, and deployable policy and plans for a proper response to incidents of violence. Typically, policies and plans provide critical guidance as to how people and incidents are to be managed.
  2. Include active shooter-specific response procedures in your Workplace Violence Policy and Emergency Management Plan. Include specific procedures in your plans; who does what, how, when, and where. Ensure that all employees have access to and understand the plan.
  3. Conduct regular training with your personnel. Properly train, and then retrain, your employees about your overall workplace violence policy and plan, to include a shooting event. Employees should be adept in how to report threats and how to respond during violent events.
  4. Develop a relationship with local law enforcement agencies. We all must be prepared to work closely with local law enforcement. They have a plan; does it parallel yours? The last thing you need is to yourself in the weeds exchanging information during or after the incident has occurred. Reach out to your local law enforcement agencies and develop a relationship with them well in advance of any problems. Let them both train in and get to know your facility better. Perhaps they will practice with you.
  5. Deploy an Emergency Communication System. Communication is key to critical incident notification. Numerous, reasonably-priced, third-party systems are available to you. Effective emergency communication often makes the difference between life and death.
  6. Maintain up-to-date employee information to best facilitate your Emergency Communication System. While violence may not be preventable, accurate, effective, and timely communication will save lives.
  7. Conduct regular simulated workplace violence events with your incident response team with a focus on the post-event aftermath and its effect on people and the continuity of business. A violent event may last minutes. However, the repercussions could last for years. Also, be sure to include your Emergency Communication System in your exercises and testing.
  8. Finally, how often should I test? That is probably the most simple question to answer; you test and retest and retest to competency.

For further information about how Trident can assist you in a Violence Mitigation Program or Emergency Management Plan, please contact us at (253) 852-7000.

Signup for Blog Posts

Get our most recent posts sent to your email inbox!