FBI Cyber Division Warns of Targeting Audio and Visual Communication Devices on Business Networks

FBI Cyber Division Warns of Targeting Audio and Visual Communication Devices on Business Networks

Private Industry Notification (PIN) 20190102-001 was being distributed to make private sector partners aware of the exploitation of audio visual communication devices on networks to identify vulnerabilities which could later be used to gain access and unlawfully acquire information about the organization.

The alert was released as TLP: Green and the details, including useful information for preventing access to outsiders, can be shared with clients and contacts, but not via publicly accessible channels. For this report or on ways to monitor and respond to cybercrime, please contact braden@kennyhertzperry.com, or online at Kennyhertz Perry, LLC and its Privacy, Cybersecurity, and Breach Management practice group.

About Kennyhertz Perry’s Privacy, Cybersecurity, and Breach Management Practice Group

Kennyhertz Perry assists clients with data security needs, blending traditional legal experience in the corporate and litigation arenas with technical acumen.

We assist clients in prevention, developing robust information security programs, including administering internal compliance and risk assessments, which include the development and implementation of corporate policies and procedures required for compliance with state and federal privacy and security laws, and information security best practices; information security policies; records retention and management policies.

In addition to prevention, Kennyhertz Perry can prepare security incidence response procedures, identify, assess, contain, and mitigate privacy and security breaches, and work with law enforcement to assist in the investigation of the incident. Businesses that are the victims of cyberattacks also must determine when and how to cooperate with government agencies during investigation of an attack, and how best to do so. The lawyers in our privacy and cybersecurity practice, as well as members of our Government Enforcement practice group have deep experience, from both government and private practice, in this area, and help companies navigate the often complicated interactions with government agencies, and can provide both counseling and representation where the threat of prosecution may arise.

Kennyhertz Perry also assists with IT resiliency understanding and engaging at the top management and board level. Traditionally, IT has been misunderstood, and management would not understand the role and responsibility of IT departments. Kennyhertz Perry bridges this gap at all level. At the Board level, directors not only need to be sophisticated with business issues, they also need to be versed in today’s cyber and IT. Translating an understanding of the importance of a proactive IT security policy, and feeling like the company is “on board” with IT security efforts. Many companies have very robust policies and procedures for their business processes, which sophisticated Board members can understand. IT is different. It’s a different language for a business person, and unfortunately most Board members will ignore or defer on issues they don’t understand. So when an IT department presents a robust plan for proactive IT security, it may go ignored or disregarded. This can lead to a reactive plan only that focuses on the “when” as opposed to prevention. IT is a different language. We serve as Board IT/cybersecurity liaison to be the “go between” and translate the IT language into business and vice versa.