Ransomware — Stronger Than Ever

Ransomware, the malicious malware that can spread quickly across a computer network, encrypting or otherwise locking down access to data, cost businesses, health organizations, educational institutions, and others millions of dollars in lost revenue and disrupted operations in 2019.

Gerd Altmann/Pixabay

It’s hard to believe that the first ransomware virus was created three decades ago. In 1989, Joseph L. Popp infected 20,000 floppy disks (remember those?) with a virus, which were distributed at a global World Health Organization gathering. Nonetheless, it took another seventeen years before ransomware began to achieve a high level of sophistication.  It wasn’t until 2005 that the first contemporary ransomware programs began to show up. In 2008, Bitcoin’s emergence was a game changer for ransomware cyber criminals by providing a mostly anonymous system of transferring money and making it easy for them to extort their victims.  Since 2011, large scale ransomware attacks have escalated. For a recap of these and other key events and attacks from 2005 through February 2020, see KnowBe4’s timeline.

A lot is written about ransomware. Enter Infographics, one way to obtain a quick and clear visual overview of the current state of ransomware. For example, MalwareFox offers an infographic that outlines the trends and figures for ransomware statistics in 2019.  According to their infographic, desktops were the most infected device (80%), access was gained most often through phishing via email or social media (69%), the major cause of attacks started with careless employees (51%), and 46% of victims did not pay the ransom and instead decrypted on their own or replaced data with backup. The infographic also includes a map that reveals the distribution of ransomware attacks across the world — the U.S. was hit 46% of the time, while other countries or continents were hit less than 10% of the time.

Darwin Laganzon-Pixabay What makes ransomware difficult to deal with is the continuing evolution of new strains of ransomware. If you are interested in learning what the 10 “monstrous ransomware strains that haunted 2019” were, take a look at this infographic from Acronis. Details on each monster strain appears just beyond the infographic. Ryuk, number seven on the list, was responsible for a pervasive attack that halted production at a giant Belgian airplane parts manufacturer for weeks and sent home nearly 1,000 employees on paid leave while the company struggled to restore critical systems frozen by the attack.  The Ryuk virus continues to attack, most recently hitting the Tampa Bay Times in January 2020.

Network file encryption is a type of attack that locks access to files by encrypting them. Vectra AI’s infographic breaks down the victims of this type of attack by industry around the world and in the U.S. The finance and insurance industry is hit hardest in Europe and the Middle East (35%), with the healthcare industry at 18% and energy industry at 17%. Like Europe and the Middle East, in the U.S. the finance and insurance industry is hit hardest at 38%. Education is a close second at 37%, followed by governments at 9%. The infographic also shows where network file encryption has been detected by region.

An infographic from Dropsuite provides additional information on the most targeted industries along with a list of the most notorious attacks since 2013, and the top ransomware infiltration tactics. Interestingly, Dropsuite predicts a five times increase growth of ransomware attacks on hospitals by 2021.

What’s ahead, you ask? According to Comm & Tech Blog’s infographic, ransomware attacks will increase to 1 in every 11 seconds by 2021.  They also predict that 70% of the people who pay ransom will not get their data back. McAfee’s threats prediction infographic describes new directions ransomware attacks will take, including the emergence of cyber criminals merging to create malware-as-a-service families, evasion techniques moving toward the use of AI, and attacks moving to target cloud services. Notable is the prediction of issues presented by voice-controlled digital assistants allowing entry into the home. It looks like ransomware may be coming very close to home. You might want to reconsider buying those smart appliances … or … take charge and learn how to protect your smart home from potential hackers.

Pixaline-Pixabay

Images from Pixabay contributors: Gerd Altmann, madartzgraphics, and Pixaline.

All in One Place – Software & Vendor Trainings

If you have ever thought about how nice it would be if there was a guide that listed multiple different vendors along with a short informative description and links to their how-to tutorials and trainings — all in one place — you are in luck.  The Villanova Law Library has put together a pretty cool LibGuide on “Software & Vendor Trainings” primarily focused on legal research and practice management vendors.

In the LibGuide’s Legal Research section, links to training materials may direct you to help centers, archived/live webinars, videos, FAQs, certification training, and tutorials. Vendors include Bloomberg Law, Westlaw and Practical Law, and Lexis, plus state bar vendors Fastcase and Casemaker, as well as specialty vendor platforms Checkpoint and Wolters Kluwer’s Cheetah.

What might distinguish the Villanova Law Library LibGuide from others is its section on practice management vendors — twelve in total. For students heading out for summer jobs (or new attorneys or those of you teaching law practice management and technology classes), this part of the LibGuide may be particularly useful. There are links to overview videos, setup guides for new users, and special features unique to a particular platform.  Vendors included here are AbacusLaw, Amicus Attorney, Clio, CoCounselor, CosmoLex, Firm Central, HoudiniESQ, Jarvis Legal, MyCase, Practice Panther, Rocket Matter, Time Matters, and Zola Suite. Whew!

There is also a small section on free presentation software — emaze, Google Slides, Prezi, Trial Director for iPad, and ZohoDocs-Show, and under the Other Resources section, you will find links to CALI lessons and CALI videos.  Definitely a guide that packs a punch and is worth a look.

“The Wall” Litigation Moves Forward, But Slowly

Discussion about the cost of access to documents on PACER (Public Access to Court Electronic Records) — sometimes referred to as “The Wall” — is not a new one.  In the May 2017 issue of The CRIV Sheet, an article described the background of the availability of court documents, the evolution of PACER, and a group of four lawsuits filed against PACER at the time.

Recently, The Goodson Blogson posted an update on this ongoing litigation focusing on one of these law suits, a class-action led by three consumer protection groups: the National Veterans Legal Service Program, the National Consumer Law Center, and the Alliance for Justice.  A New York Times article on the case, states that the complaint “highlighted practices of overcharging or double-charging individual users, and also challenged the judiciary’s practice of using excess PACER income for costs unrelated to the maintenance of the court record system.”  More specifically, according to a Minnesota Law Review article, at the center of this class action suit was a phrase in the E-Government Act of 2002 that states courts may impose fees “only to the extent necessary” to make public records available.

Last year, federal District Court judge for the District of Columbia Ellen Segal Huvelle ruled in favor of the plaintiff consumer groups, accepting the challengers basic theory. The case is now on appeal in the U.S. Court of Appeals for the Federal Circuit and, perhaps predictably, there has been a flurry of supporting Amicus Curiae briefs.

AALL, along with the American Civil Liberties Union, American Library Association, Cato Institute, and the Knight First Amendment Institute at Columbia University, presented an amicus brief supporting the idea that the First Amendment guarantees the public a right of access to judicial records through PACER.  

The Reporters Committee for Freedom of the Press and 27 Media Organizations has filed a brief in support, stating the “policy is bad for democracy” and that “news outlets across the country face leaner budgets” and the budgetary challenges are especially hard on “independent journalists and community news media companies.”

Another supporting brief was filed by former Senator Joe Lieberman, one of the original sponsors of the E-Government Act of 2002.  Senator Lieberman, in his brief, claims Congress meant for fees to cover costs “only to the extent necessary” and that allowing the government to charge fees higher than costs necessary is “at odds with the text, history, and purpose of the E-Government Act of 2002.” (see pgs. 2-3)

In addition, the ABA Journal in an update on the litigation, mentions seven retired federal judges who have filed a supporting brief, including former Circuit Court Judges Richard Posner and Shira Scheindlin.  The judge’s amicus brief calls on the court to allow the information to be accessed for free, arguing. among other things, that it would increase judicial transparency and the legitimacy of the courts.

Oral arguments took place last week on February 3, 2020.  You can listen to arguments at the Court of Appeals for the Federal Circuit oral argument website, appeal number 2019-1081.  A Bloomberg Law article summarizing the oral argument states the “judges appear[ed] to reject [the] government’s broad reading of the statute” and “focused on merits, not government’s jurisdiction argument.”

Post updated: 2/10/2020

Additional Update — Wolters Kluwer Cheetah

Wolters Kluwer has provided an additional update and clarification to the CRIV blog post of February 4, 2020 on the Cheetah platform regarding missing content.  From Wolters Kluwer:

As of August 2017, Wolters Kluwer has added all of its trusted legal content onto the Cheetah legal research platform. At AALL 2018, Wolters Kluwer announced that all of its law firm and corporate customers would be migrated from Intelliconnect to the Cheetah platform by the end of the year as their contracts came up for renewal.

Academic customers were provided with additional time to make the transition from Intelliconnect to Cheetah. Even today, some law school libraries still have dual access to their subscribed content on both Intelliconnect and Cheetah as the continue to make the transition.

If you are an Academic customer who has not yet transitioned to Cheetah and would like to discuss your transition plan with Wolters Kluwer, you may contact Sean Hearon, Academic Sales Lead, at SeanHearon@wolterskluwer.com 

If you are already a Cheetah customer and have questions about your account, you can contact Wolters Kluwer at 1-800-955-5217 or email: CheetahSuport@wolterskluwer.com.training-support/cheetah.

Wolters Kluwer Cheetah Update

Several law school libraries that subscribe to Wolters Kluwer’s Cheetah database and platform have experienced multiple issues with unexpected and unpredictable missing content for several months.  Briefly, here is what happened and an expected time frame for fixing the issue.

Originally, tax content was managed by the Tax and Accounting (TAA) division at Wolters Kluwer.  In August of 2019, the Legal and Regulatory (LAR) division took over management of the tax content.  The missing content problem stems from the period when TAA was managing the content.  When renewals came up this past year, TAA renewed content to Intelliconnect, the prior platform, instead of to Cheetah.  To update the system properly, LAR has had to move content manually from Intelliconnect to Cheetah on a law school by law school basis, which is taking time to complete based on the volume of content that needs to be transferred.

Completion of the manual movement of content to Cheetah is expected by the end of February this year.

CRIV-Wolters Kluwer Bi-Annual Liaison Call

Conference call took place on Thursday, November 21, 2019 at 10:00 a.m. PST.  Call adjourned at 10:15 a.m. PST.

Participants:

  • Jenna Ellis, Wolters Kluwer Liaison
  • Vani Ungapen, AALL Executive Director
  • Karen Selden, AALL, CRIV Board Liaison
  • Cynthia Condit, AALL, CRIV Wolters Kluwer Liaision

Agenda:

Wolters Kluwer Programs, Activities, or Business of Interest to CRIV and/or AALL

  • Announcements/Updates:
    • Smart Charts.  At the July 2019 AALL annual meeting Wolters Kluwer gathered a focus group of librarians in the legal field.  Many in the focus group indicated strong interest in the practice tool that creates multi-jurisdictional surveys called Smart Charts.  Based on the feedback, Wolters Kluwer will be making Smart Charts its own document type for searching.  The Smart Charts are currently under development.  There is no exact roll-out date, but expecting it to be sometime in 2020.
    • “Did You Know?”  To increase awareness of some useful products that people may not know about, Wolters Kluwer is providing focused introductions to these products.  Access to products depends on your specific subscription.  In today’s call, Jenna drew attention to a group of over 65 white papers written either internally by Wolters Kluwer or more often by law firms.  The white papers are highly used and well liked.  Some professors attach them to course syllabi.  However, the white papers do not appear in the usual topical area search results.  Instead they must be searched for separately in their own content category under News & Commentary.  When accessed, you can browse and word search the white papers.  Please see the screenshot below for more detail.

WK-WhitePapers-Nov2019

    • Cheetah.  Jenna noted that Cheetah has now been up and running for a full year.  There have been no further outage issues.

Requests for Advocacy

  • One outstanding request – resolved:
    • Question: Why did Wolters Kluwer stop collecting sales tax on tangible items in California since the beginning of 2019?
    • Response: California (and Wisconsin) do impose a sales tax on initial purchase of a loose-leaf subscription (they published the letter ruling).  Sales tax must be paid, according to the California State Board of Equalization, on initial purchases because purchasers are receiving binders, (tpp), with the subscription and the binders are not sold separately from the subscription.  Because the binders are taxable, the entire initial subscription is taxable.  The renewal of the subscription is not taxable because the customer receives monthly updates (i.e., more than 4), and therefore the renewal qualifies as an exempt subscription.
  • No new requests

AALL Programs, Activities, or Business of Interest to Wolters Kluwer

  • Sponsorship contact for AALL annual meeting:
    • The new sponsorship point of contact for the AALL annual meeting is Rocco Impreveduto, Director of Marketing at Wolters Kluwer.

Other Items of Interest — None

CRIV Vice-Chair Presenting at CRL Conference

Deborah Heller, Vice-Chair of AALL’s Committee on Vendor Relations (CRIV) will be presenting with Jason Sokoloff, Vendor Relations Chair of Academic Business Library Directors (ABLD), at The Center for Research Libraries (CRL) online conference, “Strategies for Strengthening Collective Dealings: an eDesiderata Forum,” on Wednesday, October 30, noon to 3:00 pm CT.

Deborah and Jason, scheduled to present at 1:45 pm CT,  will discuss the unique and pivotal role of the ABLD and AALL consortia in facilitating communication between librarians and information providers in the areas of business and law, focusing on how these groups are able to collectively advocate for their members through their Vendor Relations programs.

To attend any of the conference presentations register here.  You will be asked to create a CRL login account, but membership in CRL is not required.

The CRL’s 2019 eDesiderata Forum is focused on strategies for achieving greater strength in collective dealings with content producers and aggregators and best practices to achieve alignment of member interests and greater transparency and equitable terms and pricing.