On October 29, Alston & Bird’s Cybersecurity Preparedness & Response Team will host a live program and webinar called National Security, Cyber Espionage and “Bulk PII” Breaches in our Washington, DC office. The program will examine the recent phenomenon of allegedly state-sponsored actors executing major cyber-attacks specifically targeting large databases of personal data for espionage purposes. Speakers on the panel will include our own Senior Counsel Peter Swire; Luke Dembosky, Deputy Assistant Attorney General, National Security Division, U.S. Department of Justice; and Charles Carmakal, Vice President, Mandiant. Discussion will be moderated by partners Jim Harvey and Kimberly Peretti, who are co-chairs of the Alston & Bird Cybersecurity Preparedness & Response Team. We invite you to attend this live seminar in our Washington, DC office. Alternatively, we will also make this program available via webcast.
The panelists will specifically examine a recent, notable shift in the nature of some high-profile cyber-attacks. Many of the major cyber-attacks in the past decade have been perpetrated either by criminals seeking to exploit personal data, such as credit card account data or Social Security numbers, for financial gain or nation-state actors seeking to appropriate business information, such as intellectual property, or probing (or otherwise infecting) critical infrastructure for espionage or potential cyber-warfare purposes. In several recent cases, however, attacks attributed to state-sponsored actors have targeted organizations specifically to exfiltrate bulk personal data, including high-profile attacks on the Office of Personnel Management and health care insurers. While most commentators agree that the attackers’ interest in this type of data is connected to espionage, this shift in the operations of state-sponsored actors marks a notable departure from their past practices. Although nation-states have often targeted individuals for spying purposes, the theft of mass quantities of personal information through cyber-attacks for these purposes is unprecedented.
Moreover, while there is general agreement that nation-states are targeting large databases of personal information, it is less clear what the attackers plan to do with the stolen data. Will they use it to target civilians for identity theft? Will they use it to blackmail government employees and contractors with high-level clearance? Why are the attackers interested in healthcare data or other seemingly “generic” data? Our panelists will explore these questions and more.
For more information or to register, please click here. CLE and CPE credit is available.