Attorney Advertising

Recent Developments in Technology, Cybersecurity, and Fraud Prevention Your Business Should Be Aware of

by

cone-jpg-1387257-m.jpgThere really is no way any more to avoid technology, and all of the good and the bad that goes along with it. Recent news articles point out how technology is the one place where business, science, and the law intersect; why every business owner should stay up to date on the developments within it; and why, no matter how careful you are, you can never stop being vigilant.

Technology and computing were not always everywhere. As an article in the May 17-May 18, 2014 Weekend Edition of the Wall Street Journal points out, fifty years ago, computers were the domain of a select minority of scientists, mathematicians, and engineers; only they could use, or understand, the complicated instructions necessary to run them. Then two Dartmouth College professors, John Kemeny and Tom Kurtz, along with some enthusiastic students, created a different sort of way to control and operate computers. They believed, according to the article, that the best way to get the biggest benefit from the technology was to open it up to as many people as possible. They created the computer language BASIC, or Beginner’s All-purpose Symbolic Instruction Code. They designed it to be accessible to the everyman. They allowed, and encouraged, wider access to computers, even for those off-campus through remote access phone lines. They helped democratize computing and foresaw that it would impact most businesses and private lives in the not distant future, though they couldn’t be sure of all of the good and the bad that would come from it.

Fast-forward to today: Businesses rely on computing for much of their day to day operations. As we’ve previously written, they use, possess, and maintain large amounts of their customers’ personal and financial information. Use a credit card or debit card, and think of all the important information you are turning over, all of which thieves like to steal: credit card numbers, dates of birth, addresses, and social security numbers. The legal importance of all this information being passed around is easy to see: If it gets stolen people will be hurt financially and they’ll look for someone to cover their losses. We’ve also previously written about how the Federal Trade Commission is seeking to force businesses to take reasonable precautions to safeguard their customers’ private information. Businesses evidently realize there is a problem and many now are trying to do something about it.

Many retailers are now working together to protect their customers’ information from digital theft. On May 14, 2014, the Retail Industry Leaders Association, with the reported backing of companies such as American Eagle Outfitters, Gap Inc., J. C. Penney Company Inc., Lowe’s Companies, Inc., Nike, Inc., Safeway, Inc., Target Corporation, VF Corporation and Walgreen Company, announced a joint effort to share information regarding cyber-threats and security. Named the Retail Cyber Intelligence Sharing Center, or R-CISC, it is designed as a way to allow retailers to enhance cybersecurity by sharing information about, and developing means to protect against, such threats. The effort reportedly is needed because the thieves, the detection, and the protection are always evolving in what seems like a never ending game of cat and mouse.

There’s a lot to work to do. Businesses need new and better ways to protect information because even some of the ways they currently use can be defeated. Think of the Heartbleed Bug, which was a programming defect that went unnoticed for more than two years; no one knows for sure how long, or how often, it was exploited or how much information was taken because of it.

Encryption often relies on complex mathematical problems to protect information; the harder the problem, and the longer it takes to solve, the better protected the encrypted information is. One such mathematical problem relied on in many cryptographic schemes is the discreet logarithm problem. On May 9, 2014, however, it was announced that Pierrick Gaudry, Răzvan Bărbulescu, Emmanuel Thomé and Antoine Joux, four researchers from CNRS and the Laboratoire d’Informatique de Paris 6, solved one discreet aspect of the problem. The details of the problem, and how it was solved, are not that important for our purposes, but the end result is: Their work, though theoretical, reportedly discredits several cryptographic systems that had been believed to sufficiently protect information. In other words, what we used to believe was good enough, isn’t, and we have to come up with something else.

Businesses are developing new tools to protect information all the time. According to a story that appeared in the May 18, 2014 edition of Physics.org, a new company just launched its encrypted email service on Friday, May 16, 2014: Protonmail. Scientists from MIT, Harvard, and the European research lab CERN, reportedly helped develop it. Protonmail aims to make protecting emails commonplace and easy, by having the encryption occur behind the scenes. It also reportedly placed its servers outside the United States, in order to make it more difficult for U.S. law enforcement to access. Though no technical details of the encryption method are given, the company reportedly claims that they don’t have a key to unlock the encrypted information.

These are just a few of the many technological developments that your business should keep up with. You never know what information can or will be useful. What you should remember, though, is what you don’t know can, and probably will, hurt you.

Go raibh maith agat

Ray Grasing