ITMG Insider Threat News – September 1, 2021

Former CEO and COO Of JHL Biotech Convicted of Conspiracy to Steal Trade Secrets and Commit Wire Fraud Exceeding $101 Million

According to the plea agreement, Jordanov hired former Genentech employees to work at JHL Biotech, several of whom he learned surreptitiously brought, without authorization, confidential and proprietary documents with them from Genentech to JHL Biotech.  The company used only some of the stolen documents, but Jordanov tolerated this practice by the employees of JHL Biotech and made no effort to discourage its employees from using the documents or information they brought with them.  The employees Jordanov hired provided the Genentech documents and information to JHL Biotech, which, at times, allowed the company to cheat, cut corners, solve problems, provide examples, avoid further experimentation, eliminate costs, lend scientific assurance, and otherwise help JHL Biotech start-up, develop, and operate its business secretly using the intellectual property and scientific know-how taken from Genentech.  Jordanov admitted that he suspected that some or all the stolen information was brought to JHL Biotech in violation of relevant Genentech non-disclosure agreements and employment contracts, but he made no effort to verify whether that was true.

40% of SaaS Assets are Unmanaged, Putting Companies at Risk for Data Leaks

DoControl announced a report which provides data-driven insights into the growing number of external and insider threats due to vast amounts of unmanageable data in today’s enterprises. Based on customer data, the findings clearly illustrate there is a magnitude of SaaS data exposure, with 40% of all SaaS assets unmanaged, providing internal, external and public data access.

You Will be Breached, so Modernize your Data Protection

The need for pervasive data access has dramatically increased over the last 18 months. As knowledge workers have shifted to remote work during the pandemic, their need to remotely access business applications and data has accelerated their companies’ move to the cloud.

These major shifts in the way companies do business mean data flows everywhere, and that means data protection must be everywhere. Companies that allow users to log into cloud services and access unprotected data no longer face the question of whether their data will be stolen, but when—and when may already be in the past.

Cybercriminals Inducing Insiders to Plant Malware

Those who manage insider threat programs just got a healthy reminder from researchers at Abnormal Security who detailed how their deployed tools detected a new insider recruitment tactic—this time involving ransomware.

Insider recruitment, be it sponsored by a nation-state, competitor or criminal enterprise, is not new. The means by which the adversary approaches the target to induce them to break trust is what is always evolving. Crane Hassold, director of threat intelligence at Abnormal Security, hooked an adversary and adroitly played the line, keeping the fish in play, to learn more about the bad actor’s strategy to coerce an insider to place ransomware on his employer’s network.

Proofpoint Wins $14m from Ex-VP and French Email Security Rival in IP Theft Court Battle

Infosec firm Proofpoint has won $14m from a former vice president and his new employer after a jury found they had unlawfully used its trade secrets when he moved to the other company.

Both his new firm, infosec company Vade, and Olivier Lemarié misappropriated trade secrets relating to Proofpoint subsidiary Cloudmark’s Trident spear-phishing detection platform, a federal jury in the US state of California ruled late last week.

Medical Breakthroughs Stifled by Waiving Intellectual-Property Rights

The Biden administration recently announced that it would back a proposal by South Africa and India at the World Trade Organization to nullify American innovators’ intellectual property rights for COVID-19 vaccines.

While the proposal’s adoption would not increase the number of global vaccine doses available, it would dissuade investment in innovation, effectively inhibiting the next generation of medical breakthroughs and hurting patients in the process. According to the World Health Organization, “the total number of people without access to essential medicines remains between 1.3 and 2.1 billion people.”

Discover more from ITMG

Subscribe now to keep reading and get access to the full archive.

Continue reading