Recent United States Department of Justice (“DOJ”) indictments of Chinese hackers provide a reminder that trade secrets and other intellectual property stored on databases are attractive targets to bad actors. The DOJ announced that seven international defendants were charged in connection with computer intrusion campaigns impacting more than 100 victims in the United States and abroad.

The victims of the cyberattacks included software development companies, computer hardware manufacturers, telecommunications providers, social media companies, video game companies, non-profit organizations, universities, think tanks, and foreign governments. The hacking facilitated the theft of source code, software code signing certificates, customer account data, and other valuable business information. These cyberattacks also enabled the defendants’ other criminal schemes, including ransomware attacks and “crypto-jacking” schemes, which involve the unauthorized use of victim computers to “mine” cryptocurrency.



The COVID-19 crisis has presented an array of novel issues for companies, including new and unexpected cybersecurity threats. In addition to the now well-known security limitations of video platforms such as Zoom, we are seeing cyber-attacks in the form of COVID-19 related phishing attempts and ransomware attacks. In at least some of these attempted hacks, cybercriminals are hoping to steal trade secrets.

  • Cybercriminals are taking advantage of the novel at-home working environment and the increased fear and uncertainty surrounding the pandemic to launch malware and phishing attacks related to COVID-19.
  • Employees may be more likely to click a link or open an attachment, even though they would never consider doing so in a normal situation at work.
  • Therefore, malware may pose more of a danger than it did when employees primarily accessed their email over their employers’ traditionally more protected systems.
  • Companies should consider putting employees on notice about the COVID-19 related phishing attempts and provide examples of common scams.



The COVID-19 pandemic presents unique and unprecedented challenges to the ongoing need to protect confidential information and trade secrets. The massive business disruptions that enterprises of all kinds now face include (1) entire workforces forced to work remotely, accessing and using confidential information and trade secrets from home; (2) exigent circumstances created by the cessation or substantial slowing of commercial activity that may result in the disclosure of confidential information or trade secrets to third parties outside normal procedures; and (3) the off-boarding of remote employees who are accessing confidential information and trade secrets remotely.

Trade secret protection may not be the immediate priority of a business facing massive business disruptions, but taking reasonable steps now to protect the security of trade secrets and confidential information is critical to the preservation of these valuable assets when this crisis is over. Trade secret law – both federal and state – requires that a trade secret holder take reasonable measures under the circumstances to protect trade secrets. Reasonable measures relate not only to prevention of unauthorized disclosures, but also the minimization of the impact of any such disclosures after they occur, and these measures must be reasonable now under the current exigent circumstances.

On July 5, 2016, the Ninth Circuit affirmed the conviction of David Nosal, an ex-employee of Korn/Ferry, an executive search firm, who left to start a competing firm. With Nosal’s knowledge and encouragement, two other former employees of Korn/Ferry used a current employee’s credentials to gain access to the Korn/Ferry database and take confidential information. U.S. v. Nosal, No. 14-10037, 2016 WL 3608752 at 6 (9th Cir. July 5, 2016).

The prosecutors charged Nosal with violating section 1030(a)(4) of the Computer Fraud and Abuse Act (“CFAA”), which criminalizes “knowingly and with intent to defraud, access[ing] a protected computer without authorization, or exceed[ing] authorized access, and by means of such conduct further[ing] the intended fraud and obtain[ing] anything of value.” Having failed to state an offense on the theory that Nosal “exceeded authorized access” by violating the company’s internal use restrictions (decided in Nosal I), the government filed a superseding indictment alleging that, after his login credentials were revoked, Nosal violated the “without authorization” prong of the CFAA through his co-conspirators’ use of his former executive assistant’s login information to access Korn/Ferry’s database.

The jury convicted Nosal on all counts. On appeal, the Ninth Circuit analyzed the meaning of the words “without authorization.” The Court held that the phrase was unambiguous and its plain meaning encompassed the situation in this case where the employer rescinded permission to access a computer and the defendant accessed the computer anyway.

