Ride The Lightning

It continues to amaze me how law firms fall for phishing scams, sometimes believing that they might have a potential client and sometimes, as here, clicking where they shouldn't click. The latest law firm is Wallace & Pittman PLLC in North Carolina who reportedly got scammed to the tune of over $300,000.00.  And it only went downhill from there.

E-mail: snelson@senseient.com          Phone: 703-359-0700

www.senseient.com

http://twitter.com/sharonnelsonesq

Those in the cybersecurity field will know The Honeynet Project, but many of my readers will not.

The Honeynet Project is an international 501c3 non-profit security research organization, dedicated to investigating the latest cyberattacks and developing open source security tools to improve Internet security. While the Project involves a lot of terrific work, nothing is as striking as its real time mapping of cyberattacks.

So get a cup of coffee and keep watching for a few minutes as the real time cyberattacks populate the global map. (Use Firefox for better visuals). In a word, sobering.

E-mail: snelson@senseient.com          Phone: 703-359-0700

www.senseient.com

http://twitter.com/sharonnelsonesq

One of our great joys is rambling around the ABA TECHSHOW Expo Hall, seeing old friends and keeping up with new developments. Here are two products we especially liked.

We visited with our friends at Reed Technology. We like their product, Web Preserver, which allows legal professionals to automatically record their social media and Web evidence, keeping valid, high-fidelity archives of all the pages visited, including those requiring passwords (where the passwords have been provided, as for company social media sites). The Web Preserver tool even automatically stamps a digital signature for each archived page.They've made several neat enhancements to the services including scheduled URL and RSS capture and the all new SM@RT Preserver. The service is affordable and a great solution for lawyers and investigators who need to preserve social media forensically.

Mac users will be thrilled to learn that World Corporation had live demonstrations of their soon-to-be- released Worldox for Mac product. With most of the major features of the Worldox document management product, this is the first native Mac product from a major legal DMS player. They had a lot of traffic at the show - even existing customers are seeing Macs enter their computing environment and are delighted to see Worldox for Mac.

E-mail: snelson@senseient.com          Phone: 703-359-0700

www.senseient.com

http://twitter.com/sharonnelsonesq

We'll talk about other folks tomorrow, but here are some our favorite moments from our sessions at ABA TECHSHOW:

One segment we had to love was John’s demonstration of the Pineapple Mark IV, a device which pretends to be wireless networks that your devices knows. So when your device says “Hilton, are you here?” The Pineapple answers “Yes, I am.” And BINGO, you connect without knowing who you are connected to. In a session with a little over 50 people, 42 of them connected to the bogus network John had set up. The consternation when John and co-presenter Chris Ries revealed the connections live was hilarious. Our friend Courtney Kenneday from the South Carolina Bar looked at me and queried with concern, “What is my iPad doing? What is John making it do?” Yup, dangerous out there.

Later that day, John presented with Tom O'Connor and gave a demo of the SpoofCard. He got two audience members to give him their cell phone numbers and then used his SpoofCard account to call one attendee's phone - but the number that showed up as the caller's phone was the other attendee's phone number. Several loud gasps. Disgruntled spouses and ex-spouses are big users of the SpoofCard. But you can use it legitimately to show your office number so that clients don't get your cell phone number. Audience members liked that idea a lot.

We were honored to be the presenters at the plenary session on Saturday morning: On the Digital Trail of the Craigslist Killer. It has always been an audience favorite, but we turned it into a nearly "all-image" presentation (frightening because we had to keep a lot of facts in our head). It was gratifying to see so many people on the edge of their seats and to receive truly thunderous applause at the end. It made all the work to present it minus most of the text worthwhile.

As always, we are now exhausted but happy. Kudos go to the entire ABA TECHSHOW Board, but most especially to Chair Britt Lorish who did an outstanding job at the helm.

E-mail: snelson@senseient.com          Phone: 703-359-0700

www.senseient.com

http://twitter.com/sharonnelsonesq

The Federal Bureau of Investigation's use of a controversial cell phone tracking device is being scrutinized by an Arizona federal court. Daniel Rigmaiden, a California man accused of identity theft and tax fraud, was arrested in 2008. Advocacy groups learned that the FBI used a stingray device - technology that simulates a cell phone tower to siphon the data of any mobile user within a certain vicinity. As you might expect, a battle ensued on whether its use violates Fourth Amendment protections against “unreasonable” search and seizure.

The American Civil Liberties Union (ACLU) argued before the court that it does.

Chris Soghoian, principal technologist for ACLU's speech, privacy and technology project, said that while stingray surveillance has been public knowledge since the mid-1990s, the courts have yet to take an adequate stand on whether its use is legal.

In addition to ACLU's concerns about innocent bystanders' mobile data being collected by stingrays, it challenges whether Rigmaiden's whereabouts were illegally obtained by the FBI, which obtained a court order (not a search warrant) to use the snooping device.

Rigmaiden and a group of conspirators were accused of filing approximately 1,900 fraudulent tax returns to garner more than $4 million in refunds, according to court documents. The alleged crime ring used approximately 175 different IP addresses to file the returns, and the investigation led law enforcement to believe an automated filing system was used by the group, as multiple fraudulent returns were quickly filed from a single IP address.

In an amicus brief filed last October by the ACLU and the Electronic Frontier Foundation (EFF), the stingray devices have been called “IMSI catchers” by technologists, because they capture International Mobile Subscriber Identity numbers, which are unique identifiers that can help authorities determine the location of mobile phones or air cards.

The FBI maintains that it deleted third-party mobile data collected in the Rigmaiden investigation, but ACLU and EFF stand by their grievances with stingray surveillance.

“It's basically like a game of Marco Polo," Soghoian said. “The [device] says Marco, and every phone in the area says, Polo. In terms of the use of this device with the FBI, there are a lot of concerns.”

The ruling on whether the government violated Rigmaiden's rights and whether the information collected must be thrown out, is expected in the next few weeks.

I'm following the case with interest - and particularly question whether the FBI, which seems to want all data, properly handles the data of the innocent civilians which is picked up in these sorts of investigations.

Thanks again to Dave Ries for passing this story along. Note that my partner/husband John Simek will give a demo of a very similar technology tomorrow at ABA TECHSHOW with Dave's son Chris. Scary tech indeed.

E-mail: snelson@senseient.com          Phone: 703-359-0700

www.senseient.com

http://twitter.com/sharonnelsonesq

Hat tip to Dave Ries. ars technica recently reported on a chilling incident that happened in Northern Virginia.

Brian Krebs is something of a legend among security reporters. His exposés completely closed a California hosting company that was friendly to spammers and child pornographers and severely impacted an organized crime syndicate known as Russian Business Network. He has also followed the money trail to people who sell malware kits, stolen credit reports and denial-of-service attack help in underground forums.

Krebs has long been on the receiving end of DDoS attacks. His site, KrebsonSecurity, is regularly knocked offline by these attacks, likely from those he has investigated.

Earlier this month, he became one of the first journalists to be on the receiving end of a vicious hoax that prompted a raid on his Northern Virginia home by a swarm of heavily armed police officers. The hacking tactic, known as "swatting," involves using computers or special phone equipment to make emergency calls that appear to come from their target's phone number. When a 911 operator answers, they report a life-threatening, sometimes horrific crime in progress. Police, often armed with assault rifles, come to the victim's home, sometimes breaking down doors thinking that lives are at stake because of home invasion robberies or drug addicts murdering people.

Around 5 p.m., Krebs was preparing his home for a small dinner party. While vacuuming his home, his phone rang a few times, but he decided not to answer since he didn't want his party preparations to be delayed. He realized there was still some tape at the entrance of his house where Christmas lights had been and thought he'd remove it before his guests arrived.

As soon as he opened the door, an officer pointed a pistol at him and told him to put his hands up.

In all, there were at least a dozen officers with pistols, shotguns, and assault rifles pointed at him. They had police dogs circling his house and cruisers had sealed off a nearby street. Krebs, who was dressed in just gym shorts and a T-shirt, did as he was told.

An officer of the department told him that police received a 911 call that appeared to come from Krebs' phone. The caller posed as Krebs and said he was hiding in a closet after Russian thieves had broken into his home and shot his wife. They were now stealing jewelry, the caller reported.

After a few minutes in custody, Krebs explained that he was the victim of a crime known as swatting. One of the officers asked if Krebs was the person who had filed a report a few months earlier about threats against him. When Krebs replied yes, the officers did a quick search of his home, saw the dinner party preparations and realized that the call was a hoax. Those calls he received? They were from the police trying to call him.

I'll bet he wished he had answered those calls. Horrifying story.

E-mail: snelson@senseient.com          Phone: 703-359-0700

www.senseient.com

http://twitter.com/sharonnelsonesq

 

An interesting trend is developing. Some corporate clients are hiring law firms when they experience a data breach, as noted in a Wall Street Journal article on March 31st. The link is only available to subscribers. I'm not particularly thrilled because one obvious driver is using the attorney-client privilege to keep bad news secret. As I've said many times, businesses tend NOT to report breaches, the data breach laws of 47 states notwithstanding.

Obviously, the law firm can help with understanding and complying with the patchwork of data breach notification laws should that be necessary. But to my cynical mind, the primary impetus is to sign with a law firm first and then let the law firm hire the digital forensics experts in an attempt to keep the reports privileged.

The SEC instituted its voluntary corporate-disclosure plan for data breaches in October of 2011 and sent dozens of letters to companies last year asking about cybersecurity disclosures. I personally hope the SCC really turns up the heat so we truly learn what those of us information security believe - that virtually all businesses of any size have suffered one or more breaches.

Hat tip to Alan Goldberg.

E-mail: snelson@senseient.com          Phone: 703-359-0700

www.senseient.com

http://twitter.com/sharonnelsonesq

The problem with TECHSHOW is that it is a whirl of activity which always seems to be over right after it starts.

A number of readers have asked where they can catch up with us at TECHSHOW, so here are the things that are written in stone.

Thursday, April 4

8-10 a.m.  - We'll be working the Concierge booth. After pointing out where the bathrooms, coat check, etc. are, we can also help you sign up for a Taste of TECHSHOW dinner if you haven't already done so.

11:30  - Join us at our Meet the Author session where we'll talk about the highlights from our most recent book (gluttons for punishment, we've now written 11 books!), The 2013 Solo and Small Firm Legal Technology Guide.

4:00 - Along with my good friend Ben Schorr, I'll be presenting "Scary Tech: Cool Products and Hot Solutions for the Security-Minded Lawyer."

5:30 - Hoist a libation with us at the reception.

7:30 - we are hosting a Taste of TECHSHOW dinner at Mercat a la Planxa (just a block away and superb food).  We still have several openings so sign up when you get to the Concierge booth.

Friday April 5

10:00 - John will be presenting "Understanding Network Penetration Testing" with our brilliant young friend Chris Ries from Oracle. There will be some startling demos. Think a pineapple can't be dangerous? Think again.

3:45 - John and our long-time friend Tom O'Connor will be presenting "Text Me, Sext Me, Prove I Said It," which is an apt summary of many of our days.

Saturday, April 6

8:00 - I know it is early, but John and I are honored to be presenting a plenary session called "On the Trail of the Craigslist Killer: A Case Study in Digital Forensics." This has been an audience favorite over the past year.

Of course, we'll take our usual rambles around the Expo Hall checking out all the booths and learning what's new.

Hope to see you there!

E-mail: snelson@senseient.com          Phone: 703-359-0700

www.senseient.com

http://twitter.com/sharonnelsonesq

Let's go back to a time before we were all immersed in electronics. A well-known lawyer and former judge both encouraged me to help publicize this terrific play - happy to spread the word!

March 29, 2013 --- 1st Stage, Tysons’ award winning, non-profit, professional theater, announces the opening of “Never the Sinner,” directed by Jeremy Skidmore.  Award-winning playwright -screenwriter John Logan recreates the 1924 “trial of the century,” in a brilliant and compelling play. Teenagers Leopold and Loeb kidnap and murder a 14-year-old in a sick effort to create the perfect crime. Defense attorney Clarence Darrow reshapes the trial into a vivid and powerful exploration of violence, vengeance and justice and unpacks the boys’ complex relationship of fevered intellect, romantic passion, and distorted philosophy. The production runs Fridays at 8pm, Saturdays at 2 & 8pm, and Sundays at 2 & 7pm, through April 14.  A variety of post-show talkbacks with the director, actors and Fairfax attorney Robert Hall will take place over the remaining show weeks. Check the website for more information.

This intimate, comfortable theater, in its 5^th season, has produced 31 well-reviewed plays and musicals over the last five years. The Wall Street Journal included 1^st Stage in its 2012 wrap up of the best regional theaters in the nation. Above the car detailers and next to the dance studio, at 1524 Spring Hill Road, 1^st Stage offers free parking, $25 tickets, a visual arts gallery, and professional acting and directing. Visit www.1ststagetysons.org for more information, or call the Box Office at 703-854-1856.  Next up is Noel Coward’s “Blithe Spirit,” running from May 24 through June 16.

E-mail: snelson@senseient.com          Phone: 703-359-0700

www.senseient.com

http://twitter.com/sharonnelsonesq

We like the folks at Logik - and we love their Logikcull product. Can you review documents on your iPad? Sure. It's easy with Logikcull. Go to their booth and play - you can swipe to cull, swipe to navigate and touch to tag.

The ultimate goal is to make sure that users can do everything they can do now on their desktop also on their phones and tablets - right up to building a load file.

The new website (which I previewed late last night) has a quote from me.  All true, unsolicited and without any payback.

If you haven't tested Logikcull yet, you have to take a look (as readers will know, we are not easily impressed). If you forget the booth number (808), no worries - just look for Logik CEO Andy Wilson - he'll be the guy in bright red sneakers and a bionic-looking arm (broke his arm in half snowboarding which is why reading by the fire is ever so much better).

To get a taste of what Logikcull is all about, watch this short video. And if you really want to see how cool (and not quite mainstream) these guys are, check out their t-shirts!

And I didn't even ask for a t-shirt - what's wrong with me?

E-mail: snelson@senseient.com          Phone: 703-359-0700

www.senseient.com

http://twitter.com/sharonnelsonesq