37838-chp_19-2 Sheet No. 6 Side A 05/09/2016 12:16:02 , 4/19/2016 PM7:39 Wall Street Journal Street Wall Political figures who who Political figures 1 is pleased to present this this present to pleased is 351 Denis Binder Binder Denis Introduction Introduction , Neiman Marcus, Panda Express, P.F. Chang’s, Chang’s, Panda Express, P.F. Marcus, , Neiman the Public and Private Sector Sector Private and the Public Chapman Law Review Law Chapman Estimates are that most of the major law firms have been hacked, but few wish to to wish few but hacked, been have firms major law of the most that are Estimates The The federal government is not immune; not even the Pentagon Pentagon the even not immune; not is government federal The UCLA, and USC. State, Ohio include universities Hacked Companies that have been the victims of cyber hacking been the victimscyber hacking that have of Companies 1 Cyberwars: Navigating Responsibilities for for Responsibilities Navigating Cyberwars: M K Do Not DeleteDo Wyndham Hotels, and even the computer giants Apple, giants Apple, and even the computer Hotels, Wyndham teams Yahoo. and Sports Twitter, Microsoft, Google, Facebook, have been hacked. that agencies federal Other Security. of Homeland or Department have been penetrated include the PostalService, the Department State the Department, of the Interior the Department of Energy, and Atmospheric Oceanic the National Department, Administration, the Veterans Administration, and the Office of Personnel Management. record academic have illegally hacked students High school Law victimized. have been change grades. Hospitals to systems to hacking. have proven vulnerable firms Symposium, carrying on our tradition of sponsoring an annual an annual sponsoring of on our tradition carrying Symposium, was in 1999 first Symposium Our subject. on a timely symposium year is topic this Our Millennium.” Policy for the New “Tax Public the and for Responsibilities Navigating “Cyberwars: more becomes seemingly which a subject Private Sector,” cyber of breaches impact and number the as year each pressing in the recently Congress relevance, its Indicating escalate. the Cybersecurity included of 2015 Budget Act Omnibus adopted 2015. Act of Queen, Dairy Citigroup, Chick-fil-A, BlueCross, include Anthem Jimmy Hotels, Hyatt Depot, Home Goodwill, eBay, Dominos, Morgan Stanley, Chase, Michaels, JPMorgan the Johns, Kmart, Times New York Target, Skype, Snapchat, SONY, Staples, SUPERVALU the VTech, Steel, U.S. UPS, (Albertsons), C Y 37838-chp_19-2 Sheet No. 6 Side A 05/09/2016 12:16:02 A 05/09/2016 6 Side Sheet No. 37838-chp_19-2 37838-chp_19-2 Sheet No. 6 Side B 05/09/2016 12:16:02 M K C Y 4/19/2016 PM7:39 , July 1, 2015, at 64. 1, 2015,, at July ORTUNE —was of the Ashley of the Ashley —was , F 3 (Sept. 17, 2008), http://content. http://content. 2008), 17, (Sept. [Vol. 19:2 [Vol. IME invasions also sent strong strong sent also invasions 5 , T and Target and 4 (Aug. 26, 2015, 7:31 PM), http://www.businessinsider.com/ . W., 2014, at 42. Mar. 23, Chapman Law Review Law Chapman US The EpicHack, Target Ignored Its Own Alarms – and Turned , B NSIDER .I Inside the Hack of the Century: SONY the Century: of Hack the Inside Sarah Palin’s HackedSarah E-Mail Ashley Madison Was a Bunch of Dudes Talking to Each Other, Data Data Other, Each to Talking Dudes of Bunch a Was Madison Ashley US , B 2 M.J. Stephy, Stephy, M.J. Rosoff, Matt Elkind, Peter al., et Riley Michael However, the data breach which has probably caused the the caused probably which has breach data the However, The automobile revolutionized the twentieth century century the twentieth revolutionized The automobile its have consequences. adverse The automobile did the twenty-first defining that is is the microchip it However, century of the early twentieth The mechanical revolution revolution. a yet as not but arrived, had Age The Computer and then of Engineering Dean Stanford’s of Under the aegis 2 3 4 5 ashley-madison-almost-no-women-2015-8 [http://perma.cc/7QP7-33QF]. [http://perma.cc/7QP7-33QF]. ashley-madison-almost-no-women-2015-8 Its Customers into Victims into Customers Its time.com/time/politics/article/0,8599,1842097,00.html [http://perma.cc/HGX6-UW97]. Analysis Suggests Analysis most angst to individuals—mostly men to individuals—mostly most angst come forward publicly for fear of clients discovering the firm has been unable to secure secure to unable been has firm the discovering clients of fear for publicly forward come confidentiality. the clients’ 352 Do Not DeleteDo Madison site. The SONY The site. Madison have become victims include 2008 vice presidential candidate candidate vice presidential 2008 include victims become have Sarah Palin. warnings to businesses to safeguard their sites. sites. their safeguard to businesses to warnings and suburbs the up opened automobile The lifestyle. American malls and suburban to moved Retailers city. central the shrank recently more The suburbs the suburbs. throughout malls strip as changed radically planning Land-use exurbs. into morphed surroundings. rural up the chewed areas the metropolitan at previously vacation Citizens could meant travel. Leisure time parks and forests. remote devoured Highways vitality. their of drained were Downtowns and wildlife and destroyed neighborhoods, divided farmland, most notably Los urban areas, engulfed Smog ecosystems. with deaths in auto accidents resulted The automobile Angeles. a new created It alcohol. involving often 50,000 annually, of up to auto. theft crime—grand of the center Detroit, of juggernaut economic Yesterday’s century. the center of the Valley, revolution, Silicon is now the automobile transformative the Age is Information The revolution. high-tech century. twenty-first the of force beginning technology, late high 1900s by in the was challenged on the minis then and 360 Computer, mainframe with IBM’s 128. Route Massachusetts’ graduates, David engineering two Terman, Provost Frederick Palo Alto garage. in a shop up set Hewlett, and William Packard has come to symbolize which Valley, Silicon of Thus was the rise 37838-chp_19-2 Sheet No. 6 Side B 05/09/2016 12:16:02 B 05/09/2016 6 Side Sheet No. 37838-chp_19-2 37838-chp_19-2 Sheet No. 7 Side A 05/09/2016 12:16:02 4/19/2016 PM7:39 Nicholas Carr, Carr, Nicholas see also see 353 353 . (Dec. 2013, 12, 12:47 PM), OR Asiana Jet Crash:Over-Reliance onAutopilot .K US Introduction , B . J. (Nov. 21, 2014, PM), 12:02 http://www.wsj.com/ T S ALL , W 6 Asiana Airlines Flight 214 landed short of the tarmac at San Francisco Francisco San at tarmac the of short 214 landed Flight Airlines Asiana We have satlines, satellite TV, satphones and smart phones, phones, We smart satellite and satphones TV, have satlines, in ubiquitous seemingly becoming is the computer Indeed, We are living the computer revolution. revolution. We the computer are living unknown and create of the unknown risk Revolutions trigger to assemble easier is Information its risks. has Cyberspace 6 M K International Airport when it hit the seawall separating the airport from the bay. Three Three bay. the from the airport separating seawall the hit it when Airport International the on pilots the by over-reliance on placed is Blame accident. 2013 6, July the in died clear it became when system the overriding manually than rather flight system autopilot rapidly. too descending was plane the that Training? Pilot Poor System, 2016] 2016] Do Not DeleteDo has Digital millennium. the new of revolution technological the of a critical item has become The smart phone analog. replaced The of us. most to a history but film is Silver halide our lives. paradigm. new the is computer personal and microchip Auto. Theft Grand as games, video such and streaming, GPS, live cutting. to cord hello cable, and and landlines to goodbye Say are witnessing medicine and robotics, intelligence, Artificial away commerce drawing now is The Internet advances. rapid online. shop increasingly as consumers malls the suburban from the of power the exceed ways in many may smartphones Today’s 1960s. the of computers mainframe the home, the classroom, in computers with activities our normal Computer and highways. the roads and the office, the factory, Today, law are widespread. models design and computer on laptops, rather notes class take exclusively almost students are increasingly effects special hand. Hollywood than by on dependent overly becoming are Humans computerized. computers. articles/automation-makes-us-dumb-1416589342. risks. The computer revolution has created three major risks so so major risks three has created revolution The computer risks. and bullying. security, privacy, far in greatest threats One of the and mortar. than bricks and destroy The limited. which is increasingly of privacy, is the loss today our individual maintain to wish we more the that paradox is Today’sprivacy computer have. less we the privacy, rights of at risk. The privacy puts the Internet with age information so the world through tells the accessible Internet information phone Cell media. social on looking even without much about us, Seemingly are ubiquitous. recorders and video tablets, cameras, our without often time, at any anywhere us record anyone can can then show up The recordings approval. much less knowledge, http://www.businesskorea.co.kr/english/news/politics/2428-asiana-jet-crash-over-reliance- [http://perma.cc/L6VP-UN8P]; autopilot-system-poor-pilot-training Automation Makes Us Dumb: Human Intelligence WitheringIsAs Computers More, Do Solution a There’s but C Y 37838-chp_19-2 Sheet No. 7 Side A 05/09/2016 12:16:02 A 05/09/2016 7 Side Sheet No. 37838-chp_19-2 37838-chp_19-2 Sheet No. 7 Side B 05/09/2016 12:16:02 , M K C Y 4/19/2016 PM7:39 [Vol. 19:2 [Vol. Bugs in Wi-Fi Hookups Cripple Web Security Web Cripple Hookups Wi-Fi in Bugs Chapman Law Review Law Chapman Jennifer Valentino-DeVries, Valentino-DeVries, Jennifer connections. A chain is only as strong as its weakest link. link. weakest its as strong as is only chain A connections. . J., Jan. 19, 2016, col. A1, 2. at 7 T See S Public records are increasingly accessible through the the through accessible increasingly are records Public age is cybersecurity, computer with today’s A second problem is online information financial and personal our So much of Cybersecurity has become business a mission-critical challenge. or DVDs laptops, when threatened is information Critical may be a website, to entering barrier the initial Passwords, a are at controls cybersecurity strong how No matter 7 ALL 354 Do Not DeleteDo on social media, and perhaps go viral. Webcams can record and and record can Webcams go viral. and perhaps media, on social secretly. often send, Internet. today News articles are posted digitally online. Materials loaded and PDFs to converted increasingly are ago decades from world the open to is our being, past, Our Internet. onto the downloads. through cyber theft and Identity thereof. lack the more accurately, or, major problems. are breaches by misuse or hackers either vulnerable to and, thus, somewhere is access improper to it. The access proper otherwise those with be devastating. can “misuse” subsequent the but reprehensible, risk at are often computers and tablets, phones, cell Personal basic in ignoring owner of the carelessness the because of same These protections. as password such precautions, security or on their devices, photos personal highly store might also users are or messages the in turn resend who to others, sext perhaps hacked. The challenges can come from seemingly infinite directions. improper Sometimes stolen. misplaced, or lost, are flash drives careless People are in emails. included are links or attachments may be buried addresses in hitting “reply all,” in that improper an in “send” push sometimes Others chain. the in somewhere moment. ill-advised otherwise or ill-tempered their in providing are careless users Some vulnerable. highly that applies password a common with Users to others. passwords A breach on one hackers. are inviting accounts to all their passwords crack easy to In addition, rest. the up account opens security. little provide as such locations, off-site exist at still can weaknesses company, and servers, routers, providers, suppliers, customers, connected Wi-Fi So too with cybersecurity. Even interactive video games have have video games interactive Even cybersecurity. with So too security. in link weak the is connection weakest The risks. W 37838-chp_19-2 Sheet No. 7 Side B 05/09/2016 12:16:02 B 05/09/2016 7 Side Sheet No. 37838-chp_19-2 37838-chp_19-2 Sheet No. 8 Side A 05/09/2016 12:16:02 ECURITY S 4/19/2016 PM7:39 ATA Attacking the D.C. D.C. the Attacking &D Melissa, ILoveYou, Melissa, ILoveYou, Firewalls can be can be Firewalls Obama Order Sped Up Wave Wave Up Sped Order Obama 8 9 RYPTOGRAPHY 355 355 .C D.C. Vote-Hackers Publish Their Vote- Their Publish Vote-Hackers D.C. IN Sovereign nations wish to to wish nations Sovereign F 10 (June 1, 2012), http://www.nytimes.com/ ON . d-wave-of-cyberattacks-against-iran.html?_r=0 d-wave-of-cyberattacks-against-iran.html?_r=0 IMES ONF T C Introduction TH (Mar. 6, 2012), https://www.washingtonpost.com/blogs/ https://www.washingtonpost.com/blogs/ (Mar. 2012), 6, , N.Y. .16 OST ROC .P , P ASH , W “Hacking” can also be by security experts testing the cybersecurity of a site. It also a site. It also of cybersecurity the testing experts security by be also can “Hacking” of Office States United the into hacked citizens Chinese that acknowledged China Israel and the United States are reported to have used the Stuxnet virus to to virus Stuxnet the used have to reported are States United the and Israel Multiple goals explain the hacking attacks: to discover discover to attacks: the hacking explain goals Multiple Damage occurs once a site is improperly accessed. If the If the accessed. improperly site is a once occurs Damage about paranoid be seemingly have to hosts Today’s computer The list of those at risk includes employees, consumers, consumers, employees, The list includes of those at risk 9 8 10 M K gain military advantages. advantages. gain military (Angelos D. Keromytis ed., Mike DeBonis, (Angelos Keromytis 2012); D. Exploits Hacking breached. breached. Students’ governments. and patients, students, customers, compromised, cards credit accessed, are records academic medical and released, photos personal drained, financial accounts are sexts and texts, histories, search Emails, disclosed. records and reputations lost, ruined, careers vulnerable. Lives are the in are and businesses people to costs economic The destroyed. of because keystrokes few a only with sometimes All billions. vulnerability the of hear We security. or non-existent inadequate cell their had celebrities Several grid. electrical of the nation’s ago. years few a leaked and hacked photos phone Hackers secrets. and military secrets, trade secrets, corporate future in to use perhaps information, personal obtain to seek be individuals, can The hackers efforts. blackmail or extortion even governments. or businesses, Internet Voting System sometimes seems humorous. For example, the District of Columbia Board of Elections and and Elections of Board Columbia of District the example, For humorous. seems sometimes source The system. voting proposed a of security the test to election mock a held Ethics to time provided researchers science computer and public with the published code was a found quickly team engineering of Michigan University A in. hack to attempt the Victors,” “The leaving the site, hijacked essentially and system in the vulnerability al.,et Wolchok Scott site. the on song, fight of Michigan University disable roughly 20% of Iranian centrifuges. David E. Sanger, Sanger, E. David centrifuges. Iranian of 20% roughly disable of Cyberattacks Against Iran wrongful information is published and goes viral, then it cannot it cannot then goes viral, and published is information wrongful original if the web even worldwide the from be removed to is called account. wrongdoer are two that there California in Southern say They cybersecurity. will. The that termites had and those that types of homes—those have been victims us many of risks; cybersecurity of true is same Horses, Trojan malware, of We learn be. will or theft, of identity and viruses, spyware, ransomware, spear phishing, phishing, include Stuxnet, viruses Infamous worms. mike-debonis/post/dc-vote-hackers-publish-their-vote-hacking-exploits/2012/03/06/gIQArb [http://perma.cc/4BG6-P7XL]. G4uR_blog.html 2016] 2016] Do Not DeleteDo Sasser, Zues, Mydoom, and Code Red. Code and Mydoom, Zues, Sasser, 2012/06/01/world/middleeast/obama-ordere [http://perma.cc/D5R2-YVB8]. C Y 37838-chp_19-2 Sheet No. 8 Side A 05/09/2016 12:16:02 A 05/09/2016 8 Side Sheet No. 37838-chp_19-2 37838-chp_19-2 Sheet No. 8 Side B 05/09/2016 12:16:02 M K C Y In re 4/19/2016 PM7:39 in 1898. in 1898. , Dec. 3, 2015, at 11 IMES T China of Hacking Says , N.Y. Hackers Get Inside a Jeep, and and Jeep, a Inside Get Hackers [Vol. 19:2 [Vol. The War of the Worlds , July 22, 2014, at B4, col. 1. col. B4, 22, 2014,, at July IMES T Chapman Law Review Law Chapman , N.Y. even if the victims cannot legally reach the reach the legally cannot even if the victims 12 , Remijas v. Neiman Marcus Grp., v. Neiman , Remijas Marcus LLC, 794 F.3d 688 (7th Cir. 2015); See, e.g. See, Two security researchers were able to hack into and remotely control jeeps with a jeeps control remotely into and to hack able were researchers Two security Sometimes the goal is to obtain incriminating or highly or highly incriminating to obtain is the goal Sometimes cafes, cyber cyberbullies, bots, cyber cyberattacks, We face run computers Today’s computers. do too, and so, Cars crash, Sometimes it’s as simple as a few clicks to cause substantial substantial cause to clicks as a few simple as it’s Sometimes published Wells H.G. We are in a war between the hackers, often government-based, lawsuits, brought often have breaches cyber of Victims 11 12 A10, 1. col. Target Corp. Cust. Data Sec. Breach Litig., 66 F. Supp. 3d 1154 (D. Minn. 2014); In Re Re In 2014); Minn. (D. 1154 3d Supp. F. 66 Litig., Breach Sec. Data Cust. Corp. Target SCI . Applications Int’l (SAIC) Corp. Backup Tape Data TheftLitig., F. 45 Supp. 3d 14 (D.D.C.NationwideF. Supp. Mut., 2014);Inc., 2014). v. (S.D. 998 646 Ohio Galaria 2d Fiat Chrysler is Dismayed is Chrysler Fiat flaw common to Chrysler Fiat vehicles. Nicole Perlroth, Perlroth, Nicole Fiat vehicles. Chrysler to common flaw personal information to release to the public to embarrass the the to embarrass public the to release to information personal porn revenge vengeance; and revenge seek hackers Some victims. years. recent in problem major a has become Cyber insurance, cyber incidents, cyber cyber harassment, cyberphobia, cyber networks, cybernetics, cybernauts, Mondays, searches, cyber risk, cyber rings, cyber power, cyber strategy, cyber cyberstalking, cyberspace, cybersecurity, cyberwarfare, cyberthreats, cyberterrorism, cybertechnology, world. and a cyber cyberweapons, They can also be planes. and trains, boats, mention cars, not to planes. and trains, boats, cars, crash to programmed Personnel Management, but said it was the work of criminal activity rather than a state a state than rather activity of criminal the it was work said but Management, Personnel Sargent, E. & David Forsythe Michael cyberattack. sponsored U.S. Workers Data Was Common Crime, StateNot Action 356 Do Not DeleteDo damage, often due to inadequate or careless security. The The security. due to damage, often inadequate or careless even from world, in the anywhere from can come hacking governments. sovereign Hollywood brought the story of the Martian invaders to the big to the invaders Martian story of the big the brought Hollywood the killing viruses in 1953 with and Earth’sscreen bacteria the invaders had in 1996 Day Independence movie The invaders. future. the of a harbinger viruses, computer by defeated The cyberwarriors defense. and offense between and security, on the operating brilliant, are often wits in this battle of engaged new up to catches Cybersecurity technology. edge of computer ongoing The attack. of waves new create attackers while threats, Software at risk. security national and personal places war be free ever can system human-designed No vulnerable. remains of risk. and providers against service suits, action class including account holders, 37838-chp_19-2 Sheet No. 8 Side B 05/09/2016 12:16:02 B 05/09/2016 8 Side Sheet No. 37838-chp_19-2 37838-chp_19-2 Sheet No. 9 Side A 05/09/2016 12:16:02 RADE T 4/19/2016 PM7:39 EARNED FROM EARNED FROM EDERAL L 13 ESSONS :L ments/plain-language/pdf0205- USINESS B 357 357 focus on the of perspectives the UIDE FOR Symposium presents Symposium distinguished Introduction ftc.gov/system/files/docu :AG ECURITY S TART WITH ,S Chapman Law Review Law Chapman (June 2015), https://www. ASES For a discussion of the lessons from the FTC cases, see see F cases, FTC the from lessons the of a discussion For The 13 M K OMMISSION government and corporategovernment for the and cybersecurity sectors practitioner. experts and scholarsexperts on cybersecurity. Harvey Rishikof, Co-Chair of Cybersecurity the ABA TaskLegal Chair of and the Force Advisory the ABACommittee for Standing Committee on Lawand National Security, delivers the keynote address, “Framework for the Future ofCybersecurity.” Panels startwithsecurity.pdf [http://perma.cc/2BHE-GD29]. [http://perma.cc/2BHE-GD29]. startwithsecurity.pdf C FTC C 2016] 2016] Do Not DeleteDo has brought Commission Trade Federal the In addition, hacker. security. with inadequate companies action against C Y 37838-chp_19-2 Sheet No. 9 Side A 05/09/2016 12:16:02 A 05/09/2016 9 Side Sheet No. 37838-chp_19-2