Cybercrime, Bridgegate and healthcare fraud have been the focus of New Jersey federal prosecutors over the past few months. In this New Jersey Federal Criminal and Regulatory Alert, we consider prosecutions by the U.S. Attorney's Office in New Jersey and the SEC that are of note to companies based in New Jersey or doing business in the state. Within this issue, we summarize several major cybercrime cases being handled by the U.S. Attorney's Office, which has made prosecuting cybercrime a top priority. We also focus on the September 2016 Bridgegate trial, the recent guilty plea by former Port Authority Chairman David Samson to bribery charges, and a healthcare kickback case involving Olympus Corporation of the Americas.
UPDATES TO PREVIOUSLY REPORTED CYBERCRIME CASES:
Cybercrime - Ukrainian Citizen Admits to Using 13,000 Infected Computers to Loot Log-In Credentials, Payment Card Data
After pleading not guilty at his federal court arraignment on October 19, 2015, Sergey Vovnenko pled guilty on January 20, 2016, to one count of wire fraud conspiracy and one count of aggravated identity theft. According to court documents and the press release of the U.S. Attorney's Office, Vovnenko and his associates operated an international criminal organization that hacked into the computers of individuals and companies located in the U.S. and elsewhere, stealing usernames and passwords for bank accounts and other online services. The wire fraud conspiracy charge carries a maximum penalty of 20 years in prison and a $250,000 fine, while the aggravated identity theft charge carries a mandatory two-year sentence, to be served consecutively to the conspiracy charge. Sentencing is scheduled for December 5, 2016.
Cybercrime - Russian National Admits Role in Largest Known Data Breach Conspiracy Ever Charged
Sentencing for Russian cybercriminal Vladimir Drinkman has been adjourned several times, and is currently scheduled to take place on December 14, 2016. On September 15, 2015, Drinkman pled guilty to one count of conspiracy to obtain unauthorized access to protected computers and one count of conspiracy to commit wire fraud. The wire fraud charge carries a maximum penalty of 30 years in prison and a fine of the greater of $1 million or twice the gain or loss from the offense. The unauthorized computer access charge carries a maximum penalty of five years in prison and a fine of the greater of $250,000 or twice the gain or loss from the offense.
TRENDS IN CYBERCRIME CASES:
Protecting Your Business from Cyber Attacks
"Ransomware" attacks, one of the fastest growing types of cybercrimes, have been occurring more and more frequently in 2016. In a typical ransomware scenario, a hacker installs malware that encrypts and "locks" the victim's digital files and holds them "ransom" until the victim pays, usually with untraceable currency like Bitcoins. The virus is typically launched through an infected e-mail that appears official in nature, so companies must remain vigilant and continuously educate employees about the risks. Security audits by preventive cybersecurity firms are one way of protecting businesses against cybercrime.