Washington Lawyer - October 2019 - 25

A former electronic crimes special agent for the U.S. Secret Service, Ferrante
leads Withum's cyber and information security practice. He has provided
his expertise to large enterprises such as Neiman Marcus, Target, and Sony
PlayStation Network in dealing with data breaches.
In May, Ferrante delivered the keynote address at the D.C. Bar's 2019 CLE Institute
on Technology and the Law, focusing on the need for law firms to tighten up
their cybersecurity by investigating a lot of the hardware being used by their
employees both inside and outside the office. Ferrante pointed out that the
United States lags behind other major countries in terms of cybersecurity.
"Despite having some of the best security in the world, we are [overwhelmed]
by highly sophisticated hackers," he said, adding that wearable tech, USB ports
in vehicles, printers, and USB flash drives are easy gateways for hackers to either
steal vital information or to infect with ransomware (malware designed to hold
critical electronic information hostage until ransom is paid).
"Cybersecurity doesn't have to be expensive," Ferrante says in a recent interview
with Washington Lawyer, hoping to dissuade law firms from thinking that it's
a costly investment. "There are simple ways to secure stuff."

VEHICLES
Today's cars might not be as intelligent as KITT from the 1980s TV show Knight
Rider, but many have sophisticated computer systems that everyone should
be aware of. Most newer models come with USB ports and Global Positioning
System (GPS); some are even equipped with microphones.
"Think of a vehicle now as a computer," Ferrante says. "Vehicles are really a great
point to gather information from a law enforcement perspective, as well as for
civil cases and eavesdropping, because these vehicles have everything that
you'll want. There's an expectation of privacy in vehicles. If a microphone is
activated, is there a notification? Maybe, maybe not. But there are ways to
disable the microphones." Ferrante suggests checking your car's privacy
settings, and if you're selling it, conducting a complete data sweep before
letting it go.

Below, Ferrante describes security protocols for common physical devices,
vehicles, and even televisions that every law firm - and perhaps anyone
concerned about their privacy - should closely monitor.

SMARTWATCHES
SERVER ROOMS
Reminiscent of the scene in the Wizard of Oz where Toto pulls the curtain to
reveal the powerful Wizard, a server room is the firm's inviolable space for
keeping data networks flowing, hopefully securely. But, as Ferrante explains,
those rooms shouldn't be viewed as mere storage facilities. Wires and servers
need to be neatly organized, and the room kept to a certain temperature. More
importantly, server rooms shouldn't be easy for anyone to access. In fact, visually
they should have a low profile.
"Securing the server room is important because there are devices that can be
plugged into the back of the servers, whether it's keyloggers or other things
that can siphon data off the system," Ferrante says.

They may look sleek and suave, but cutting-edge devices like smartwatches can
be used to steal vital information from many computers and other devices with
hard drives. "We've seen people use smartwatches for nefarious reasons,"
Ferrante says. "Some watches have USB ports in the back, which you can plug
into the back of a computer. Other watches are recording a lot of information
as well - those are the ones that are synced with smartphones."
"Smartwatches become another interface with your mobile device, so obviously there is information storage in them as well," Ferrante adds. "And there
are ways to transmit information directly from those devices to the cellular
network."

SMART TVs
PRINTERS
According to Ferrante, many of today's high-performance printers have hard
drives that store vital information from documents. "Printers are often overlooked because people think of them as machines that create paper copies of
documents," he says. "That data can be replicated outside of the physical environment of the printer without anyone's knowledge, or directly infiltrated from
the printer at the end of its life cycle." Before selling or abandoning a printer for
an upgrade, it's wise to conduct a data sweep, Ferrante recommends.

There are already concerns that home-assistant devices such as Alexa and
Google Home are "spying" on people, but what about some of today's smart
TVs? "Some televisions have built-in microphones," Ferrante explains. "We used
to get a lot of requests for bug sweeps inside businesses. But the best bugs are
already placed in people's homes." Consider how these smart TVs can integrate
with social media platforms and track viewer habits. In short, check your TV's
privacy settings.

////////
OCTOBER 2019

*

WASHINGTON LAWYER 25



Washington Lawyer - October 2019

Table of Contents for the Digital Edition of Washington Lawyer - October 2019

Digital Extras
Your Voice
From Our President
Practice Management
Calendar of Events
Coding Out Implicit Bias With Ai
Rewriting the Rules on Data Privacy
Compromised Devices: Hardware Hacking Dangers
Taking the Stand
Member Spotlight
Global & Domestic Outlook
Worth Reading
Media Bytes
Attorney Briefs
Ask the Ethics Experts
Disciplinary Summaries
The Pro Bono Effect
Community & Connections
Last Word
Washington Lawyer - October 2019 - Cover1
Washington Lawyer - October 2019 - Cover2
Washington Lawyer - October 2019 - 1
Washington Lawyer - October 2019 - 2
Washington Lawyer - October 2019 - 3
Washington Lawyer - October 2019 - Digital Extras
Washington Lawyer - October 2019 - Your Voice
Washington Lawyer - October 2019 - From Our President
Washington Lawyer - October 2019 - 7
Washington Lawyer - October 2019 - Practice Management
Washington Lawyer - October 2019 - 9
Washington Lawyer - October 2019 - Calendar of Events
Washington Lawyer - October 2019 - 11
Washington Lawyer - October 2019 - Coding Out Implicit Bias With Ai
Washington Lawyer - October 2019 - 13
Washington Lawyer - October 2019 - 14
Washington Lawyer - October 2019 - 15
Washington Lawyer - October 2019 - 16
Washington Lawyer - October 2019 - 17
Washington Lawyer - October 2019 - Rewriting the Rules on Data Privacy
Washington Lawyer - October 2019 - 19
Washington Lawyer - October 2019 - 20
Washington Lawyer - October 2019 - 21
Washington Lawyer - October 2019 - 22
Washington Lawyer - October 2019 - 23
Washington Lawyer - October 2019 - Compromised Devices: Hardware Hacking Dangers
Washington Lawyer - October 2019 - 25
Washington Lawyer - October 2019 - 26
Washington Lawyer - October 2019 - 27
Washington Lawyer - October 2019 - Taking the Stand
Washington Lawyer - October 2019 - 29
Washington Lawyer - October 2019 - Member Spotlight
Washington Lawyer - October 2019 - 31
Washington Lawyer - October 2019 - 32
Washington Lawyer - October 2019 - 33
Washington Lawyer - October 2019 - Global & Domestic Outlook
Washington Lawyer - October 2019 - 35
Washington Lawyer - October 2019 - Worth Reading
Washington Lawyer - October 2019 - 37
Washington Lawyer - October 2019 - Media Bytes
Washington Lawyer - October 2019 - Attorney Briefs
Washington Lawyer - October 2019 - Ask the Ethics Experts
Washington Lawyer - October 2019 - 41
Washington Lawyer - October 2019 - Disciplinary Summaries
Washington Lawyer - October 2019 - 43
Washington Lawyer - October 2019 - The Pro Bono Effect
Washington Lawyer - October 2019 - 45
Washington Lawyer - October 2019 - Community & Connections
Washington Lawyer - October 2019 - 47
Washington Lawyer - October 2019 - Last Word
Washington Lawyer - October 2019 - Cover3
Washington Lawyer - October 2019 - Cover4
https://washingtonlawyer.dcbar.org/novemberdecember2021
https://washingtonlawyer.dcbar.org/julyaugust2021
https://washingtonlawyer.dcbar.org/julyaugust2021
https://washingtonlawyer.dcbar.org/marchapril2021
https://washingtonlawyer.dcbar.org/marchapril2021
http://washingtonlawyer.dcbar.org/novemberdecember2020
https://washingtonlawyer.dcbar.org/novemberdecember2020
https://washingtonlawyer.dcbar.org/septemberoctober2020
https://washingtonlawyer.dcbar.org/julyaugust2020
https://washingtonlawyer.dcbar.org/june2020
https://washingtonlawyer.dcbar.org/may2020
https://washingtonlawyer.dcbar.org/march2020
https://washingtonlawyer.dcbar.org/january2020
https://washingtonlawyer.dcbar.org/november2019
https://washingtonlawyer.dcbar.org/october2019
https://washingtonlawyer.dcbar.org/september2019
https://washingtonlawyer.dcbar.org/julyaugust2019
https://washingtonlawyer.dcbar.org/june2019
https://washingtonlawyer.dcbar.org/may2019
https://washingtonlawyer.dcbar.org/april2019
https://washingtonlawyer.dcbar.org/march2019
https://washingtonlawyer.dcbar.org/january2019
https://washingtonlawyer.dcbar.org/november2018
https://washingtonlawyer.dcbar.org/november2018
https://washingtonlawyer.dcbar.org/november2018
https://washingtonlawyer.dcbar.org/august2018
https://washingtonlawyer.dcbar.org/august2018
https://washingtonlawyer.dcbar.org/June/July2018
https://washingtonlawyer.dcbar.org/april2018
https://washingtonlawyer.dcbar.org/March2018
https://washingtonlawyer.dcbar.org/February2018
https://washingtonlawyer.dcbar.org/january2018
http://washingtonlawyer.dcbar.org/december2017
http://washingtonlawyer.dcbar.org/November2017
http://washingtonlawyer.dcbar.org/september 2017
http://washingtonlawyer.dcbar.org/september 2017
http://washingtonlawyer.dcbar.org/august2017
http://washingtonlawyer.dcbar.org/july2017
http://washingtonlawyer.dcbar.org/June2017
http://washingtonlawyer.dcbar.org/may2017
http://washingtonlawyer.dcbar.org/april2017
http://washingtonlawyer.dcbar.org/march2017
http://washingtonlawyer.dcbar.org/february2017
http://washingtonlawyer.dcbar.org/january2017
http://washingtonlawyer.dcbar.org/december2016
http://washingtonlawyer.dcbar.org/november2016/
http://washingtonlawyer.dcbar.org/october2016
http://washingtonlawyer.dcbar.org/september2016
https://www.nxtbookmedia.com