DOCSLIB.ORG

Report of the Attorney General's Cyber Digital Task Force

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

U.S. Department of Justice REPORT OF THE ATTORNEY GENERAL’S CYBER DIGITAL TASK FORCE U. S. Department of Justice Office of the Deputy Attorney General The Deputy Attorney General Washington, D.C. 20530 July 2, 2018 Dear Mr. Attorney General: You have emphasized that "upholding the Constitution and protecting the rule of law is the fo undation ofeverything we do" at the Department ofJustice. Our impo11ant duties include keeping America safe by fighting crime and preserving the Nation' s security. As President Trump has observed, "The United States faces an extraordinarily dangerous world, filled with a wide range ofthreats that have intensified in recent years." Director of National Intelligence Dan Coats explained earlier this year that the cyber threat "is one of[our] greatest concerns and top priorities." The Department ofJustice shares that assessment. Every day, malicious cyber actors target our citizens, our businesses, our military, and all levels ofour government. They cause billions ofdollars in losses and attempt to undermine our democratic values. Combating cybercrime and cyber-enabled threats to our Nation' s security must remain among the Department's highest priorities. In February 2018, you directed the formation ofa Cyber-Digital Task Force to undertake a comprehensive assessment ofthe Department' s work in the cyber area, and to identify how federal law enforcement can even more effectively accomplish its mission in this vital and evolving area. The initial assessment is complete. It is my privilege to present this report ofthe Attorney General's Cyber-Digital Task Force. I hope this report will assist as all Americans keep moving forward to protect our people, promote our economy, and preserve our values. Sincerely, REPORT OF THE ATTORNEY GENERAL’S CYBER DIGITAL TASK FORCE United States Department of Justice Ofce of the Deputy Attorney General Cyber-Digital Task Force 950 Pennsylvania Avenue, N.W. Washington, D.C. 20530 https://www.justice.gov/cyberreport INTRODUCTION Table of Contents Letter from the Deputy Attorney General .............................. i Attorney General’s Cyber-Digital Task Force ...................... vii Introduction ........................................................................................ xi Chapter 1 Countering Malign Foreign Influence Operations ...................... 1 Chapter 2 Categorizing Sophisticated Cyber Schemes .................................... 23 Chapter 3 Detecting, Deterring, and Disrupting Cyber Threats ............... 9 Chapter 4 Responding to Cyber Incidents .............................................................. 83 Chapter Training and Managing Our Workforce .......................................... 95 Chapter 6 Looking Ahead ..............................................................................................109 Appendices Appendix 1: Memorandum Establishing the Task Force .......... 131 Appendix 2: Recent Successful Botnet Disruptions ................. 133 Appendix 3: Recent Successful Dark Web Disruptions ............ 137 Appendix : Glossary of Key Terms .....................................................1 1 v TASK FORCE MEMBERS ATTORNEY GENERAL’S CYBER-DIGITAL TASK FORCE Task Force Members Sujit Raman, Chair Associate Deputy Attorney General Ofce of the Deputy Attorney General John P. Cronan Andrew E. Lelling Assistant Attorney General (Acting) United States Attorney Criminal Division District of Massachusetts John C. Demers David T. Resch Assistant Attorney General Executive Assistant Director National Security Division Federal Bureau of Investigation Carl Ghattas Beth A. Williams Executive Assistant Director Assistant Attorney General Federal Bureau of Investigation Ofce of Legal Policy John M. Gore Peter A. Winn Assistant Attorney General (Acting) Chief Privacy & Civil Liberties Ofcer (Acting) Civil Rights Division Director, Ofce of Privacy & Civil Liberties CYBER-DIGITAL TASK FORCE REPORT Task Force Contributors Matthew J. Sheehan Counsel to the Deputy Attorney General Staf Director Elizabeth Aloi Brendan Groves Richard Pilger Leonard Bailey Aarash Haghighat Jason Poole Michael F. Buchwald William Hall Andrew Proia Mark Champoux Christopher Hardee Kimberley Raleigh Tomas Dettore Adam Hickey Peter Roman Richard Downing Ray Hulser Opher Shweiki Benjamin Fitzpatrick Anitha Ibrahim Michael Stawasz Lindsey Freeman Matthew Kluge AnnaLou Tirol Tashina Gauhar John T. Lynch, Jr. Andrew Warden Josh Goldfoot Katrina Mulligan J. Brad Wiegmann Bonnie Greenberg Sean Newell Cory Wilson Erica O’Neil And representatives from: Bureau of Alcohol, Tobacco, Firearms, and Explosives Ofce of Strategic Intelligence & Information Drug Enforcement Administration Ofce of Investigative Technology Federal Bureau of Investigation Counterintelligence Division Federal Bureau of Investigation Counterterrorism Division Federal Bureau of Investigation Criminal Investigative Division Federal Bureau of Investigation Cyber Division Federal Bureau of Investigation Digital Transformation Ofce Federal Bureau of Investigation Information Technology Branch Federal Bureau of Investigation Ofce of Private Sector Federal Bureau of Investigation Ofce of the Chief Information Ofcer Federal Bureau of Investigation Ofce of the Director Federal Bureau of Investigation Ofce of the General Counsel Federal Bureau of Investigation Operational Technology Division INTERPOL Washington, the U.S. National Central Bureau Justice Management Division Ofce of the Chief Information Ofcer/ Cybersecurity Services Staf United States Marshals Service Investigative Operations Division United States Marshals Service Judicial Security Division viii INTRODUCTION Introduction Cyber-enabled attacks are exacting an enormous toll on American busi- nesses, government agencies, and families. Computer intrusions, cy- bercrime schemes, and the covert misuse of digital infrastructure have bankrupted frms, destroyed billions of dollars in investments, and helped hostile foreign governments launch infuence operations de- signed to undermine fundamental American institutions. Te Department of Justice’s primary mission is to keep the American people safe. We play a critical role in the federal government’s shared efort to combat malicious, cyber-enabled threats. n February 2018, the Attorney General policy—grounded in our longstanding prin- established a Cyber-Digital Task Force ciples of political neutrality, adherence to within the Department and directed the the rule of law, and safeguarding the public ITask Force to answer two basic, foundational trust—that governs the disclosure of foreign questions: How is the Department respond- infuence operations. ing to cyber threats? And how can federal law enforcement more efectively accomplish its Chapters 2 and 3 discuss other cyber-enabled mission in this important and rapidly evolv- threats our Nation faces, particularly those ing area? connected with cybercrimes. Tese chapters describe the resources the Department is de- Tis report addresses the frst question. It be- ploying to confront those threats, and how our gins by focusing on one of the most press- eforts further the rule of law in this country ing cyber-enabled threats our Nation faces: and around the world. Chapter 4 focuses on the threat posed by malign foreign infuence a critical aspect of the Department’s mission, operations. Chapter 1 explains what foreign in which the Federal Bureau of Investigation infuence operations are, and how hostile for- plays a lead role: responding to cyber inci- eign actors have used these operations to tar- dents. Chapter 5 then turns the lens inward, get our Nation’s democratic processes, includ- focusing on the Department’s eforts to recruit ing our elections. Tis chapter concludes by and train our own personnel on cyber mat- describing the Department’s protective eforts ters. Finally, the report concludes in Chapter with respect to the upcoming 2018 midterm 6 with thoughts and observations about cer- elections, and announces a new Department tain priority policy matters, and charts a path xi CYBER-DIGITAL TASK FORCE REPORT for the Task Force’s future work. Over the criminals rely upon to penetrate our borders. next few months, the Department will build We use legal authorities to take control of upon this initial report’s fndings, and will virtual infrastructure—such as networks of provide recommendations to the Attorney compromised computers called “botnets”— General for how the Department can even to prevent future victimization. We share in- more efciently manage the growing global formation gathered during our investigations cyber challenge. to help victims protect themselves. And we do all of these things to fght modern threats Te Department’s Cyber Mission while remaining faithful to our Nation’s re- spect for personal freedom, civil liberties, Computer intrusions and attacks are crimes, and the rule of law. and the Department of Justice fghts crime. Tat is true regardless of whether the crimi- Where appropriate, we also work closely nal is a transnational organized crime group, with our interagency partners to support f- a lone hacker, or an ofcer of a foreign mil- nancial, diplomatic, and military measures itary or intelligence organization. In addi- to bring all possible instruments of national tion, the Department has unique and indis- power to bear against cyber threats. Other pensable cybersecurity roles in the realm of departments have the primary responsibil- foreign intelligence and counterintelligence. ity for helping victims recover from
Recommended publications
  • Corruption Facts

    Corruption Facts

    facts_E.qxd 07/12/2005 14:12 Page 1 Corruption Facts Corruption causes reduced investment. • Investment in a relatively corrupt country compared to an uncorrupt one can be as much as 20 per cent more costly. [“Economic Corruption: Some Facts”, Daniel Kaufmann 8th International Anti-Corruption Conference 1997] • Nations that fight corruption and improve their rule of law could increase their national income • Each year, over US$ 1 trillion is paid in bribes by 400 per cent. worldwide. [“US$ 1 Trillion lost each year to bribery says World Bank”, UN Wire, 12 April 2004] [World Bank, www.worldbank.org] • Corruption reduces a government's ability to provide basic resources and services for Increasing evidence indicates widespread its citizens. corruption in the judiciary in many parts of the world. • Corruption and the transfer of illicit funds • Judicial corruption undermines the rule have contributed to capital flight in Africa, of law and government legitimacy. with more than US$ 400 billion having been looted and stashed away in foreign countries. • A corrupt judiciary cripples a society's Of that amount, around US$ 100 billion is ability to curb corruption. estimated to have come from Nigeria alone. • A report examining the judiciary in 48 • Former President of Zaire, Mobutu Sese Seko countries found that judicial corruption (in power 1965-1997) is believed to have looted was pervasive in 30 of them. the country's treasury of some US$ 5 billion— [Centre for Independence of Judges and Lawyers, an amount equal to the country's external Ninth annual report on Attacks on Justice, March 1997, February 1999.] debt at the time.
  • Corruption from a Cross-Cultural Perspective

    Corruption from a Cross-Cultural Perspective

    Corruption from a Cross-Cultural Perspective John Hooker Carnegie Mellon University October 2008 Abstract This paper views corruption as activity that tends to undermine a cultural system. Because cultures operate in very different ways, different activities are corrupting in different parts of the world. The paper analyzes real-life situations in Japan, Taiwan, India, China, North America, sub-Saharan Africa, the Middle East, and Korea to distinguish actions that structurally undermine a cultural system from those that are merely inefficient or are actually supportive. Activities such as nepotism or cronyism that are corrupting in the rule-based cultures of the West may be functional in relationship-based cultures. Behavior that is normal in the West, such as bringing lawsuits or adhering strictly to a contract, may be corrupting elsewhere. Practices such as bribery that are often corrupting across cultures are nonetheless corrupting for very different reasons. This perspective provides culturally-sensitive guidelines not only for avoiding corruption but for understanding the mechanisms that make a culture work. Keywords – Corruption, cross-cultural ethics The world is shrinking, but its cultures remain worlds apart, as do its ethical norms. Bribery, kickbacks, cronyism, and nepotism seem to be more prevalent in some parts of the world, and one wants to know why. Is it because some peoples are less ethical than others? Or is it because they have different ethical systems and regard these behaviors as acceptable? As one might expect from a complicated world, the truth is more complicated than either of these alternatives. Behavioral differences result partly from different norms, and partly from a failure to live up to these norms.
  • The Internet and Drug Markets

    The Internet and Drug Markets

    INSIGHTS EN ISSN THE INTERNET AND DRUG MARKETS 2314-9264 The internet and drug markets 21 The internet and drug markets EMCDDA project group Jane Mounteney, Alessandra Bo and Alberto Oteo 21 Legal notice This publication of the European Monitoring Centre for Drugs and Drug Addiction (EMCDDA) is protected by copyright. The EMCDDA accepts no responsibility or liability for any consequences arising from the use of the data contained in this document. The contents of this publication do not necessarily reflect the official opinions of the EMCDDA’s partners, any EU Member State or any agency or institution of the European Union. Europe Direct is a service to help you find answers to your questions about the European Union Freephone number (*): 00 800 6 7 8 9 10 11 (*) The information given is free, as are most calls (though some operators, phone boxes or hotels may charge you). More information on the European Union is available on the internet (http://europa.eu). Luxembourg: Publications Office of the European Union, 2016 ISBN: 978-92-9168-841-8 doi:10.2810/324608 © European Monitoring Centre for Drugs and Drug Addiction, 2016 Reproduction is authorised provided the source is acknowledged. This publication should be referenced as: European Monitoring Centre for Drugs and Drug Addiction (2016), The internet and drug markets, EMCDDA Insights 21, Publications Office of the European Union, Luxembourg. References to chapters in this publication should include, where relevant, references to the authors of each chapter, together with a reference to the wider publication. For example: Mounteney, J., Oteo, A. and Griffiths, P.
  • Data Localization the Unintended Consequences of Privacy Litigation

    Data Localization the Unintended Consequences of Privacy Litigation

    American University Law Review Volume 67 | Issue 3 Article 6 2018 Data Localization The ninU tended Consequences Of Privacy Litigation H Jacqueline Brehmer American University Washington College of Law Follow this and additional works at: http://digitalcommons.wcl.american.edu/aulr Part of the Computer Law Commons, and the Privacy Law Commons Recommended Citation Brehmer, H Jacqueline (2018) "Data Localization The ninU tended Consequences Of Privacy Litigation," American University Law Review: Vol. 67 : Iss. 3 , Article 6. Available at: http://digitalcommons.wcl.american.edu/aulr/vol67/iss3/6 This Comment is brought to you for free and open access by the Washington College of Law Journals & Law Reviews at Digital Commons @ American University Washington College of Law. It has been accepted for inclusion in American University Law Review by an authorized editor of Digital Commons @ American University Washington College of Law. For more information, please contact [email protected]. Data Localization The ninU tended Consequences Of Privacy Litigation Keywords cybersecurity threats, data localization, data privacy, Electronic Communications Privacy Act, Microsoft Ireland This comment is available in American University Law Review: http://digitalcommons.wcl.american.edu/aulr/vol67/iss3/6 NOTE DATA LOCALIZATION: THE UNINTENDED CONSEQUENCES OF PRIVACY LITIGATION H JACQUELINE BREHMER* This Note addresses a key unintended consequence of recent data privacy litigation before the European Court of Justice and the U.S. Supreme Court. Two cases—Data Protection Commissioner v. Schrems and United States v. Microsoft Corp.—contravene the principles upon which the internet was founded by removing legal and scalable mechanisms for cross-border data transfers. While these cases do not directly create data localization regimes, they highlight the irreconcilably different approaches to data privacy held by the United States and the European Union and eliminate valid options for transfer such that localization is the only remaining scalable solution.
  • Iot Threats, Challenges and Secured Integration

    Iot Threats, Challenges and Secured Integration

    IoT Threats, Challenges and Secured Integration Christian Shink, p. eng., CSSLP System Engineer • Why IoT Devices? • Bot Attacks • 3 Botnets fighting over IoT Firepower • Secure IoT integration Why IoT Devices Internet of Things Internet working of physical devices, vehicles, buildings, … Devices embedded with electronics, software, sensors, actuators Network connectivity Any Path Any Service Any Network Anytime Any Business Any context Anyone Machinery Anybody Building energy Anything Management Any Device Healthcare Retail A Rapidly Growing Number of Connected Devices Copyright © 2017 Radware. All rights reserved. IoT is Highly Susceptible to Cyber Attacks IoT devices run an embedded or stripped-down version of the familiar Linux operating system. 1 Malware can easily be compiled for the target architecture, mostly ARM, MIPS, x86 internet-accessible, lots of (I)IoT and ICS/SCADA are deployed without any form of 2 firewall protection Stripped-down operating system and processing power leaves less room for security 3 features, including auditing, and most compromises go unnoticed by the owners To save engineering time, manufacturers re-use portions of hardware and software in different 4 classes of devices resulting in default passwords and vulnerabilities being shared across device classes and manufacturers Internet Security Trend report 2015 by Nexus guard: IoT is becoming a soft target for cyber-attack Copyright © 2017 Radware. All rights reserved. From the News “D-Link failed to take reasonable steps to secure its routers and IP cameras, potentially compromising sensitive consumer information” “The cameras aren’t designed to receive software updates so the zero-day exploits can’t be patched.” “We believe that this backdoor was introduced by Sony developers on purpose” Sources: 1.
  • Security Now! #664 - 05-22-18 Spectreng Revealed

    Security Now! #664 - 05-22-18 Spectreng Revealed

    Security Now! #664 - 05-22-18 SpectreNG Revealed This week on Security Now! This week we examine the recent flaws discovered in the secure Signal messaging app for desktops, the rise in DNS router hijacking, another seriously flawed consumer router family, Microsoft Spectre patches for Win10's April 2018 feature update, the threat of voice assistant spoofing attacks, the evolving security of HTTP, still more new trouble with GPON routers, Facebook's Android app mistake, BMW's 14 security flaws and some fun miscellany. Then we examine the news of the next-generation of Spectre processor speculation flaws and what they mean for us. Our Picture of the Week Security News Update your Signal Desktop Apps for Windows & Linux A few weeks ago, Argentinian security researchers discovered a severe vulnerability in the Signal messaging app for Windows and Linux desktops that allows remote attackers to execute malicious code on recipient systems simply by sending a message—without requiring any user interaction. The vulnerability was accidentally discovered while researchers–amond them Juliano Rizzo–were chatting on Signal messenger and one of them shared a link of a vulnerable site with an XSS payload in its URL. However, the XSS payload unexpectedly got executed on the Signal desktop app!! (Juliano Rizzo was on the beach when the BEAST and CRIME attacks occurred to him.) After analyzing the scope of this issue by testing multiple XSS payloads, they found that the vulnerability resides in the function responsible for handling shared links, allowing attackers to inject user-defined HTML/JavaScript code via iFrame, image, video and audio tags.
  • The Underground Economy.Pdf

    The Underground Economy.Pdf

    THE THE The seeds of cybercrime grow in the anonymized depths of the dark web – underground websites where the criminally minded meet to traffic in illegal products and services, develop contacts for jobs and commerce, and even socialize with friends. To better understand how cybercriminals operate today and what they might do in the future, Trustwave SpiderLabs researchers maintain a presence in some of the more prominent recesses of the online criminal underground. There, the team takes advantage of the very anonymity that makes the dark web unique, which allows them to discretely observe the habits of cyber swindlers. Some of the information the team has gathered revolves around the dark web’s intricate code of honor, reputation systems, job market, and techniques used by cybercriminals to hide their tracks from law enforcement. We’ve previously highlighted these findings in an extensive three-part series featured on the Trustwave SpiderLabs blog. But we’ve decided to consolidate and package this information in an informative e-book that gleans the most important information from that series, illustrating how the online criminal underground works. Knowledge is power in cybersecurity, and this serves as a weapon in the fight against cybercrime. THE Where Criminals Congregate Much like your everyday social individual, cyber swindlers convene on online forums and discussion platforms tailored to their interests. Most of the criminal activity conducted occurs on the dark web, a network of anonymized websites that uses services such as Tor to disguise the locations of servers and mask the identities of site operators and visitors. The most popular destination is the now-defunct Silk Road, which operated from 2011 until the arrest of its founder, Ross Ulbricht, in 2013.
  • Into the Reverie: Exploration of the Dream Market

    Into the Reverie: Exploration of the Dream Market

    Into the Reverie: Exploration of the Dream Market Theo Carr1, Jun Zhuang2, Dwight Sablan3, Emma LaRue4, Yubao Wu5, Mohammad Al Hasan2, and George Mohler2 1Department of Mathematics, Northeastern University, Boston, MA 2Department of Computer & Information Science, Indiana University - Purdue University, Indianapolis, IN 3Department of Mathematics and Computer Science, University of Guam, Guam 4Department of Mathematics and Statistics, University of Arkansas at Little Rock, AK 5Department of Computer Science, Georgia State University, Atlanta, GA [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected] Abstract—Since the emergence of the Silk Road market in Onymous" in 2014, a worldwide action taken by law enforce- the early 2010s, dark web ‘cryptomarkets’ have proliferated and ment and judicial agencies aimed to put a kibosh on these offered people an online platform to buy and sell illicit drugs, illicit behaviors [5]. Law enforcement interventions such as relying on cryptocurrencies such as Bitcoin for anonymous trans- actions. However, recent studies have highlighted the potential for Onymous, along with exit scams and hacks, have successfully de-anonymization of bitcoin transactions, bringing into question shut down numerous cryptomarkets, including AlphaBay, Silk the level of anonymity afforded by cryptomarkets. We examine a Road, Dream, and more recently, Wall Street [6]. Despite these set of over 100,000 product reviews from several cryptomarkets interruptions, new markets have continued to proliferate. The collected in 2018 and 2019 and conduct a comprehensive analysis authors of [7] note that there appears to be a consistent daily of the markets, including an examination of the distribution of drug sales and revenue among vendors, and a comparison demand of about $500,000 for illicit products on the dark web, of incidences of opioid sales to overdose deaths in a US city.
  • Internet of Things Botnet Detection Approaches: Analysis and Recommendations for Future Research

    Internet of Things Botnet Detection Approaches: Analysis and Recommendations for Future Research

    applied sciences Systematic Review Internet of Things Botnet Detection Approaches: Analysis and Recommendations for Future Research Majda Wazzan 1,*, Daniyal Algazzawi 2 , Omaima Bamasaq 1, Aiiad Albeshri 1 and Li Cheng 3 1 Computer Science Department, Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah 21589, Saudi Arabia; [email protected] (O.B.); [email protected] (A.A.) 2 Information Systems Department, Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah 21589, Saudi Arabia; [email protected] 3 Xinjiang Technical Institute of Physics & Chemistry Chinese Academy of Sciences, Urumqi 830011, China; [email protected] * Correspondence: [email protected] Abstract: Internet of Things (IoT) is promising technology that brings tremendous benefits if used optimally. At the same time, it has resulted in an increase in cybersecurity risks due to the lack of security for IoT devices. IoT botnets, for instance, have become a critical threat; however, systematic and comprehensive studies analyzing the importance of botnet detection methods are limited in the IoT environment. Thus, this study aimed to identify, assess and provide a thoroughly review of experimental works on the research relevant to the detection of IoT botnets. To accomplish this goal, a systematic literature review (SLR), an effective method, was applied for gathering and critically reviewing research papers. This work employed three research questions on the detection methods used to detect IoT botnets, the botnet phases and the different malicious activity scenarios. The authors analyzed the nominated research and the key methods related to them. The detection Citation: Wazzan, M.; Algazzawi, D.; methods have been classified based on the techniques used, and the authors investigated the botnet Bamasaq, O.; Albeshri, A.; Cheng, L.
  • Flipping 419 Cybercrime Scams: Targeting the Weak and the Vulnerable

    Flipping 419 Cybercrime Scams: Targeting the Weak and the Vulnerable

    Flipping 419 Cybercrime Scams: Targeting the Weak and the Vulnerable Gibson Mba Jeremiah Onaolapo Royal Holloway University College London University of London Gianluca Stringhini Lorenzo Cavallaro University College London Royal Holloway University of London ABSTRACT ans living in Nigeria. While the long history and advanced Most of cyberscam-related studies focus on threats perpe- use of Information and Communication Technology (ICT) trated against the Western society, with a particular atten- in the Western societies justify the large body of literature tion to the USA and Europe. Regrettably, no research has dealing with its misuse, the absence of detailed studies on been done on scams targeting African countries, especially other regions, such as Africa, creates the impression that Nigeria, where the notorious and (in)famous 419 advanced- these societies are immune from cyber attacks. On the con- fee scam, targeted towards other countries, originated. How- trary, there is more happening out there that has not been ever, as we know, cybercrime is a global problem affecting brought to the attention of the concerned public. Our study all parties. In this study, we investigate a form of advance aims at bridging this gap, i.e., the paucity of African unique fee fraud scam unique to Nigeria and targeted at Nigerians, contribution to the global cybercrime, by studying in de- but unknown to the Western world. For the study, we rely tail a form of 419 (advance fee fraud) scam unknown to the substantially on almost two years worth of data harvested West but unique to Africa|Nigeria in particular|targeted from an online discussion forum used by criminals.
  • Beware of These Common Scams

    Beware of These Common Scams

    Beware of these common scams Nigerian Scams People claiming to be officials, businessmen or surviving relatives of former government officials in countries around the world send countless offers via e-mail, attempting to convince consumers that they will transfer thousands of dollars into your bank account if you will just pay a fee or "taxes" to help them access their money. If you respond to the initial offer, you may receive documents that look "official." Unfortunately, you will get more e-mails asking you to send more money to cover transaction and transfer costs, attorney's fees, blank letterhead and your bank account numbers and other sensitive, personal information. Tech Support Scams A tech support person may call or email you and claim that they are from Windows, Microsoft or another software company. The person says your computer is running slow or has a virus and it’s sending out error messages. Scammers will ask you to visit a website that gives them remote access to your computer. If the caller obtains access they can steal personal information, usernames and passwords to commit identity theft or send spam messages. In some cases, the caller may even be asked for a wired payment or credit card information. Lottery Scams In foreign lottery scams, you receive an email claiming that you are the winner of a foreign lottery. All you need to do to claim your prize is send money to pay the taxes, insurance, or processing or customs fees. Sometimes, you will be asked to provide a bank account number so the funds can be deposited.
  • Making the Cut? | SPECIAL REPORT | Sept

    Making the Cut? | SPECIAL REPORT | Sept

    DATA PRIVACY & SECURITY SPECIAL REPORT SEPT. 24, 2020 After EU judges struck down the Privacy Shield data-transfer agreement, what’s next for US tech Making giants, thousands of other companies and regulatory the Cut? regimes around the world? INSIGHT | COMMENTARY | ANALYSIS Editor’s Letter Lewis Crofts MLex Editor-in-Chief We have arranged it in three thematic sections to reflect the multiple moving parts of the topic: 1) the EU court’s decision and immediate effects on Facebook and other companies; 2) the scramble by the US and EU to work out what to do about replacing the binned agreement and making SCCs more robust; and headache. A bombshell. A seismic shift. 3) the concerns and responses by other affected However dramatic you might like your countries around the world — including the UK, A metaphors, there is little doubt that EU Japan and Australia. judges delivered an extraordinarily significant We trust you enjoy reading this report and ruling on July 16. In striking down Privacy Shield, find it a useful guide to a complex, evolving issue. the EU-US data-transfer framework, they instantly The reporting here is a brief example of the threw into doubt the operations of more than insight and predictive analysis that MLex brings 5,000 US companies that relied on it. subscribers to our data privacy and security The ruling — essentially based on the failure service every day. of the mechanism to protect EU citizens’ data The stories included were all published from US government snooping — doesn’t as events unfolded, bringing our subscribers prevent companies transferring data between unrivalled insight into the significance of the EU and other foreign countries under developments and the likely next steps in an issue “standard contractual clauses.” But these can’t that will affect the operations of many thousands protect data in countries, including the US, that of businesses around the world.