"a federal judge granted a temporary restraining order cutting off 277 Internet domains believed to be run by criminals as the Waledac bot." See official Microsoft blog post.
This lawsuit case shows that the civil judicial system has a role to play in limiting the impact and damage caused by Internet crime like botnets, phishing and identity theft.
Plainscapital Bank v. Hillary Machinery is one of the most unusual lawsuits in the history of cyber security law. Not only did the bank sue its customer, the victim (with no allegation that the customer was complicit with the cyber crime). But the customer struck back with effective, web-savvy public relations. This case is not over. Yet the experience shows how important public communications are to Internet security issues. http://legal-beagle.typepad.
"A Texas bank is suing a customer hit by an $800,000 cybertheft incident in a case that could test the extent to which customers should be held responsible for protecting . . . "
- http://www.computerworld.com/s/article/9149218/Bank_sues_victim_of_800_000_cybertheft (view on Google Sidewiki)
The Federal Trade Commission should reconsider its investigation of and settlement with TJX. FTC rushed its judgment of TJX, settled with the company too quickly and issued a press release prematurely, before all of the investigation was over. Later, the more complete investigation revealed that TJX was the victim of a major and unprecedented crime spree. After all of the facts are reviewed, it is clear that the FTC's approach to credit card security is narrow-minded and counter productive. http://hack-igations.blogspot.
Early newspaper reports about a 2008 cyber break-in at Best Western Hotels were apparently overblown. BW Hotel's subsequent vigorous public communications response is now a case study example of how enterprise victims of cyberattacks should openly, carefully deliver appropriate public information about the attacks. Good public communications is critical to any IT security program. http://blogs.sans.org/
--Benjamin Wright, Senior SANS Institute Instructor on cyber defense and investigations law.
This article highlights a major theme in my SANS legal courses: public communications -- whether terms, contracts, policies, banners, press releases -- are critical to effective cyber security and investigations. http://legal-beagle.typepad.
--Benjamin Wright, Senior SANS Institute Instructor for IT law.