Publications — Page 33 of 47 — Lindabury, McCormick, Estabrook & Cooper, P.C. Firm News & Events

Home » Publications

Forget About the Firewall: Employees are First Line of Defense Against Cyberattacks

Published on: May 15, 2017 | by Eric B. Levine

Eric Levine, Lindabury’s Cybersecurity and Data Privacy Group‘s Co-Chair was recently interviewed by NJBIZ’s Brett Johnson regarding a business’s first line of defense against a cyberattack. Levine says the approach exploits features inherent to human nature. “It’s preying on people’s inquisitive side,” Levine said. “And you can’t buy a firewall for that.”

“Yes, there are hackers who are out there who are trying to break through firewalls through different approaches, including state-sponsors actors, and there are many technologies to protect against that,” Levine said. “But it’s the social engineering — (stuff like) phishing scams — that capitalizes on mistakes people make that are the easiest tools to utilize.”

To read the full article as published online click here.

N.J. Cyber-Experts: Another Attack Is Coming — Here’s The No. 1 Thing To Do (And Not To Do)

Published on: May 15, 2017 | by Robert W. Anderson

Lindabury’s Bob Anderson, shareholder and co-chair of the Cybersecurity and Data Privacy Group, was interviewed by NJBIZ‘s Tom Bergeron in response to the worldwide ransomware attack over the weekend. Bob said the attacks last weekend were not a surprise at all to the people in the industry.

“It was just a matter of time before something like this happened,” he said. “We’ve seen ransomware attacks pick up at an incredible level the past few years. It was just going to happen at some point that somebody was going to launch something that was going to travel from computer to computer and spread to every country in the world.”

Lindabury will be represented at the NJBIZ Cybersecurity panel discussion on May 18th at Raritan Valley Country Club in Bridgewater, where the Cybersecurity and Data Privacy Group’s co-chair Eric Levine is participating as a panelist.

New Jersey’s Spill Act and Concepts of Equity

Published on: May 9, 2017 | by Lindabury, McCormick, Estabrook & Cooper, P.C.

On March 3, 2017, the Appellate Division of the New Jersey Superior Court upheld a Chancery Court’s determination requiring parties to participate in an investigation of contamination despite the fact that there was no evidence linking any of the parties to the contamination. Matejek v. Watson, et al., Dkt No. A-4683-14T1. In doing so, the appellate court employed principles of equity to expand potential liability under the New Jersey Spill Compensation and Control Act, N.J.S.A. 58:23.11 et seq. (the “Spill Act”). The Matejek decision, which seems inapposite to other Spill Act jurisprudence, greatly expands the reach of the Spill Act and would require parties to expend resources to investigate contamination even when there is no evidence of any nexus to that contamination.

The decision has its genesis in oil contamination discovered in a tributary located in the vicinity of a residential condominium development. The New Jersey Department of Environmental Protection (“NJDEP” or the “Department”) responded to the threat by removing, at state expense, underground storage tanks from each of the adjoining five condominium units. Once the tanks had been removed, the Department determined that there was no further imminent threat to the tributary and terminated further work on the site. However, the Department never closed its administrative file and the site remained on the Department’s active list. Several years later, the owners of one of the condominium units sought to complete the investigation in order to remove what they deemed a cloud on title. They then brought an action against the other four condominium owners to compel them to equally participate in and complete the investigation (and, if necessary, the remediation).

The Chancery Court, after a bench trial, entered judgment requiring the parties to jointly retain a licensed site remediation professional to complete the investigation. The Court held that despite the fact that there was no evidence of the precise source of or responsibility for the contamination, the fact that the Department ordered the removal of all five tanks was enough to require that all of the impacted unit owners share in the steps necessary to further investigate the source of the contamination. More bewildering is the fact that the decision did not discuss or make any findings as to which of these five tanks had leaked or been involved in the discharge. Adjoining unit owners Carlos and Jean Gilmore appealed the Chancery Court’s determination arguing that the Spill Act didn’t require them to participate in a remediation absent evidence that they caused or contributed to the contamination.

GOOGLE Docs Incident Provides a Real-Life Example of the Dangers of Phishing

Published on: May 9, 2017 | by Eric B. Levine

May 3, 2017 was a bad day for Google as a major phishing attack spread like internet wildfire, targeting users of Google docs. However, as bad as it was for Google, it provided us with a real-life example of how the first line of defense to a cyber-attack is none other than you and me. People, not breached firewalls or lack of encryption, are often the cause of a major cyber incident, but with a little diligence, we can present a formidable front-line defense.

What occurred on May 3, 2017 has been described as a widespread phishing scheme through which people received an email, apparently originating from a trusted source, that asked the recipient to open a Google document that was embedded within the email. If the recipient of the email opened the Google document, they would have granted the sender access to the recipient’s email account and contacts. Once the Google document read the recipient’s contacts, it in turn sent more phishing attempts to the recipient’s contacts. The cycle repeated itself rapidly, and Google estimated that the attack spread so quickly that at the peak of the attack, Google’s customer base saw about 150 messages sent per minute. It was estimated that the attack may have affected at least one million people.

Phishing is a form of social engineering that involves sending emails that appear to come from a trusted source or someone the recipient knows in an effort to obtain the computer credentials of the recipient of the email, to hack in the recipient’s private accounts and obtain their personal information or to infect the recipient’s computer systems. It is a common method of cyber-attack today and one, as Google can attest, that can quickly cause widespread havoc.

Legal Advice On: Diversity, Discrimination and Immigration

Published on: May 4, 2017 | by Lindabury, McCormick, Estabrook & Cooper, P.C.

Lindabury’s Labor and Employment Law partner, John H. Schmidt, was interviewed by New Jersey Business Magazine‘s Editor-in-Chief Anthony Birritteri for the article published in the May 2017 issue. Their discussion focused on the fine lines of major issues employers face regarding diversity and discrimination in the workplace and in the hiring process.

New Jersey’s Law Against Discrimination (NJLAD) is among the strongest anti-discrimination laws in the country and according to John Schmidt, “The New Jersey LAD is much broader than the provisions of Title VII because the latter deals with race and sexual discrimination. On the federal level, there is a separate statute for disability discrimination, as an example. In fact, since the mid-to-late 1980’s, most plaintiff attorneys have decided it is to their advantage to bring claims under the NJLAD”

Most companies claim they are equal opportunity employers and have been recognized by the top diversity lists. John Schmidt cautions; “If you select a particular class of individuals [a certain minority group] to hire – giving preference to them- you could be in violation of the NJLAD and federal laws.”

Appellate Division is Favorable, but Stops Short of Permitting Condominium Association’s Appointment of Rent Receiver During Foreclosure Proceedings

Published on: April 20, 2017 | by Blake C. Width

The April 13, 2017, decision of the appellate division in Mill Pointe Condominium Association v. Rizvi, sought to address a condominium association’s efforts to obtain rental income, during the pendency of a foreclosure lawsuit involving an empty condominium unit. By way of background, the association had obtained a judgment against the unit owner who had failed to pay both his residential loan mortgage payments and common expense assessments, and then filed a motion before the Law Division seeking the appointment of a rent receiver, during the pendency of the mortgage lender’s foreclosure lawsuit. The association’s proposed remedy would apply the rent payments to the outstanding judgment in its favor leading up to the foreclosure. The Law Division judge denied the association’s motion, which was opposed by the mortgage lender on the basis that the commencement of a leasehold with a third-party tenant would interfere with the completion of the foreclosure suit, and that it would force the lender to become a landlord. Unfortunately, the Appellate Division was unable to rule on this issue, which became moot because the foreclosure judgment was granted before the court could address the issues. It’s important to note, however, that the court found that the association had “raised interesting and novel legal issues that could have widespread importance.” The court went so far as to recommend that future appellants file a motion to accelerate the appeal, advising the court of the time factors involved.

While the guidance from the Appellate Division in Mill Pointe Condominium Association is certainly no guaranty that another appellate panel will favorably view an association’s request for the appointment of a rent receiver in order to obtain rental income from an otherwise vacant condominium unit, it certainly presents an indication that the court is interested in investigating the possibility of a remedy for similarly situated associations facing lengthy foreclosures.

There are positive and negative considerations involved in the appointment of a rent receiver, even without the potential for contested litigation with a mortgage lender, as was the case in Mill Pointe. Generally speaking, the appointment of a rent receiver by a condominium association is more typical in the context of a foreclosure action commenced on the association’s behalf. On the positive side, rent receivers are able to collect income and apply it to monthly assessments, fees, and arrears owed on a condominium unit as set forth in the order of appointment, and they have a responsibility to avoid waste and disrepair. On the negative side, rent receivers are court-appointed professionals who are answerable only to the court, and do not take direction from the association, once appointed. Furthermore, a rent receiver is only permitted to remain in place for a limited amount of time, from the date of appointment, to the conclusion of the foreclosure case. In order to gain the most benefit, smart associations will consider moving for the appointment of a rent receiver in conjunction with initiating foreclosure proceedings.

Condominium Owner Spill Act Suit Dramatically Increases Potential for Litigation Over Environmental Investigation Costs

Published on: April 20, 2017 | by Blake C. Width

The New Jersey Appellate Division’s decision in Matejek v. Watson, issued on March 3, 2017, compelled the owners of condominium units to share in the cost of environmental investigation under the New Jersey Spill Compensation and Control Act (the Spill Act), without proving liability. This remedy, not previously available to private parties, will likely give rise to an increase in Spill Act litigation due to this advantage over the Comprehensive Environmental Response, Cleanup and Liability Act (CERCLA), which is the federal counterpoint to the Spill Act.

The environmental contamination in Matejek v. Watson dates from 2006, when oil was discovered on the surface of a tributary to Royce Brook in Hillsborough. In response, New Jersey Department of Environmental Protection (NJDEP) removed underground storage tanks from each of five adjoining condominium units that were near the location of the tributary. Other than visiting the site a few months after the removal of the underground tanks in order to confirm the absence of oil in the tributary, the NJDEP took no further action and its file remained open, leaving, as the trial judge later found, a cloud on the title to all five units, given that the presence of the oil would have to be disclosed if any of the properties were to be sold.

Seven years after the removal of the tanks, the owners of one of the impacted condominium units sued the owners of the other four units under the Spill Act, in order to require the owners of the impacted units to participate in and equally share in an investigation, and if necessary, remediation of the property. The Association was joined to the lawsuit in order to compel access to any portions of the common elements required for investigation, testing or remediation.

What Happens to a Business Partner’s Interests in a Company After Death?

Published on: April 19, 2017 | by David R. Pierce

Have you ever heard a story among your friends about a company where two partners got along great, but then one suffered an untimely death and then his widow or children caused the company to breakup? That is a common scenario, although one might not be able to place the blame on the surviving spouse or the children. This is one of the ultimate worst case scenarios that proper planning can help avoid.

As shareholders in a small company each shareholder may have a reasonable expectation of continuing employment and participation in management of the company. When one shareholder dies, unless an agreement among the shareholders is in place providing a right for the company or remaining shareholder to purchase the deceased shareholder’s stock, that stock will be transferred to that deceased shareholder’s heirs, whether by will or by intestacy. As a result, most often the deceased shareholder’s stock ends up in the hands of a surviving spouse or children. In some cases the heir of the deceased shareholder will be able to step into his or her shoes and be able to participate meaningfully in the operation of the business. There may be personality conflicts and other difficulties in operating the business with a new partner, but hopefully, those can be worked out.

More often, however, the deceased shareholder’s stock is inherited by someone who does not have any clue about the business and cannot be expected to participate in or contribute to the operation of the business in any realistic sense. Sometimes this leads the remaining original shareholder to think that he will not pay them a salary since they are not working in the business and he can retain the earnings to reinvest in the business since he is not required to pay dividends. This is a recipe for disaster and some really unfortunate consequences.

Cybersecurity Insurance Considerations For Small And Medium-Sized Businesses

Published on: April 13, 2017 | by Lindabury, McCormick, Estabrook & Cooper, P.C.

Cybersecurity experts have observed that hackers and cybercriminals are increasingly targeting small and medium-sized businesses and that these efforts account for 60% of all cyberattacks. One expert described these companies as the “soft underbelly” of cybersecurity. Companies of all sizes face potentially significant costs in responding to a data breach and losses including business disruption, lost revenue and loss of reputation. The average time to resolve a cyberattack has been estimated at 46 days and costs can increase if the damage is not resolved quickly.

Such expenses could be catastrophic for small or medium-sized businesses so it is important for such companies to understand the insurance implications and select the appropriate coverage to protect against losses from a cyberattack.

TRADITIONAL INSURANCE

New Jersey Courts Are Limited Only By Imagination When Resolving Business Disputes Between Partners

Published on: April 13, 2017 | by David R. Pierce

When dealing with shareholder oppression claims the court has a broad arsenal of remedies at its disposal. In fact, the remedies available to the court are limited only by its own imagination and the court’s sense of fairness.

The statute applicable to oppressed minority shareholders does provide some remedies along with its rights. N.J.S.A. 14A:12-7 (1)(c)(8) states that “Upon the motion of the corporation or any shareholder who is a party to the proceeding, the court may order the sale of . . . the corporation’s stock held by any other shareholder who is a party to the proceeding to either the corporation or the moving shareholder . . . if the court determines in its discretion that such an order would be fair and equitable to all parties under all of the circumstances of the case.”

The statute also gives the court the power, under the appropriate circumstances, to order the dissolution of the company. Although this is a favored threat of a party claiming oppression, it is quite unlikely to be ordered by the court. The court is extremely reluctant to dissolve an operating business and will go the great lengths to preserve a business, including to the extent of ordering a sale of the business to a third party. At least one court has ruled that the statute contemplates the ongoing existence of the corporation or the existence of a successor operating the business as a requirement of any remedy that might be imposed. Thus, dissolution is likely to be the remedy only if the parties agree that it should be the ultimate remedy in the case.