The Link Between Cybersecurity and eDiscovery

About 18 months ago when I was living in the UK I checked my online banking and was horrified to see that large amounts of money had been paid to someone I did not recognise. This prompted an intense investigation by me, the Fraud Dept of my Bank, the Fraud Squad of the Police and the Fraud Squad of my cell phone service provider.

Briefly, someone had hacked my PC via the favourites bar, cloned my Bank’s Home page (so it appeared normal to me) then learned how I accessed my Bank accounts. Furthermore he was able to replicate how a new recipient was set up and when it came to the part when my Bank would phone me on my cell phone for confirmation, this person had somehow hacked into my phone system and arranged for calls to my number to be forwarded to another phone which was then able to verify the new recipient and the transaction. A great deal of money was diverted from my accounts and purchases made on my credit card to a total of approximately £15,000 (approximately R285,000 at today’s rates). Eventually all was resolved in that the Bank refunded the money to me but the person was never found. You may imagine the stress, inconvenience and frustration as for many months each and every legitimate transaction I made was scrutinised and checked. I learned some valuable lessons about favourites and also storing personal information such as passwords etc. on my PC.

We all know that this has happened to many people all over the world and if you think of the problems caused to me and people like me, can you imagine the consequences of such actions to companies and global corporations? There are some enormously clever people out there who possess the technical ability to cause mayhem within an organisation and it takes enormously clever people and systems to combat what is now called Cybercrime.

I am not an expert in this field and there are much smarter people than me writing about it and, what, you may ask, does it have to do with eDiscovery? I have been prompted to write for two reasons. Firstly, my adopted country South Africa is suffering very serious attacks in this deadly and growing crime wave – see these two articles, 'Africa Cyber Security Market by Solution by Service, by Verticals, by Country - Global forecast to 2020' and 'Cybercrime hitting mobile users hard'.

 Secondly, I am very pleased to be the guest speaker at an event in Cape Town next week held by the regional branch of the ACFE on the topic of “From forensics to eDiscovery” and cybercrime will, no doubt, be a talking point! I say that because I know that there will be audience members who work in this field and I will be fascinated to learn from them what is happening in their world and how they are combating these attacks, whilst at the same time speaking about the role of eDiscovery. 

As I said I am no expert in forensics and cybercrime but I do know that corporations across the world are currently investing large sums of money in combating cyber attacks. Experts are being employed on preventative controls both inside and outside the firewall. I am aware that major financial institutions in SA (and elsewhere, of course) are working with providers on investigation and remediation exercises to assist with this work. The operative word is “preventative”, as discussed in the article by Legaltech News, 'The Phases of a Data Breach'.

I am sure you are still wondering what all of this has to do with eDiscovery.  Well, it is quite simple really – many of the same solutions used in eDiscovery cases are used in acquiring and processing data on behalf of the corporations involved. Again, I do not want name names to avoid opening up a raft of comments saying “...our solution does that but you did not mention it..” but exactly the same processing and hosting solutions are being used in this field to collect, process and analyse. Providers that specialise in cybercrime have departments solely dealing with it and in amongst their solutions they include those more commonly known in litigation. It is within my knowledge that providers in SA are working with eDiscovery software on cyber related matters and we can all be sure that if this is happening in SA it certainly is across the globe.

One more thought as I ask the rhetorical question, “Do law firms understand the risks in holding clients data”? Take a look at this article by Ralph C. Losey, National e-Discovery Counsel, Jackson Lewis P.C, Orlando, USA. 

Food for thought for law firms, large and small?