This mock trial document outlines a scenario where an online merchant, Telluria, experiences a cyber attack that significantly reduces sales. Telluria suspects their competitor Nevia is responsible but Nevia denies involvement. It is later revealed the attacks were actually conducted by a hacktivist group that took control of Nevia's systems in retaliation for alleged labor issues in Telluria's supply chain. The mock trial will have Judge Facciola preside over arguments from lawyers for Telluria and Nevia to determine liability.
1 of 12
Download to read offline
More Related Content
Law w21
1. Session ID:
Session Classification:
Law-W21
Intermediate
Your Honor, It Was Self Defense
a mock hearing
Honorable John M. Facciola
U.S. Magistrate Judge
U.S. District Court for the District of Columbia
Honorable Andrew J. Peck
U.S. Magistrate Judge
U.S. District Court for the Southern District of New York
Steven W. Teppler, Esquire
Kirk-Pinkerton, P.A.
Stephen S. Wu, Esquire
Cooke Kobrick & Wu LLP
.
Hoyt L. Kesterson II
Terra Verde Services
.
Serge Jorgensen
The Sylint Group
2. Agenda for the mock hearing
We lay our scene
Call to order
Legal argument
Decision and commentary by
Judge Facciola
Summary of additional facts
and testimony
3. 財 Telluria is a successful online merchant of clothing in the U.S.
財 In October 2012 sales drop 60%
財 Customers call them saying the website is slow or non-responsive.
財 Customers also tell them that it is di鍖cult to call them.
財 The IT department notes that web pages have been deleted or altered
and that they are inundated with incoming tra鍖c.
財 Their third party support for the VOIP customer service network tells
them that the configuration of the VOIP servers has been modified.
財 One month later sales are at 30%; the CIO brings in a security
consulting company, Arisia .
財 The Arisian consultant determines that the attacks are
coming from Nevia, a very large international conglomerate.
財 He attempts to block the attacks but they continually morph.
財 He tries to block IPs but there are too many sources.
Merchant versus Merchant
4. 財 The holiday season is nigh; since 45% of annual revenues
are realized during this period, management is aflutter.
財 The CIO of Telluria reaches out to the CIO of Nevia and asks
why they are attacking Telluria.
財 What attacks?The Nevia CIO states that Nevia has no
reason to be attacking Telluria and that:
財 things are fine here and that their online functions are performing as
they usually do.
財 they had a PCI audit a few months ago and got a clean bill of health.
財 they wish they could help but that they are busy preparing for the
holiday season.
CIO versus CIO
5. 財 The Telluria in-house counsel reaches out to the in-house
counsel of Nevia. Both CIOs and Tellurias consultant are
present during the conversation.
財 Nevia counsel responds that his CIO says that nothing is
wrong. Perhaps Telluria has misdiagnosed the problem.
財 The Telluria counsel threatens to have the court issue a
Temporary Restraining Order (TRO) against Nevia.
財 The Nevia counsel responds that is certainly Tellurias
prerogative; meanwhile theyre busy with the upcoming
holiday season.
In-house Counsel versus In-house Counsel
6. 財 Tellurian management is desperate and instructs the CIO to fix
the problem.
財 The CIO is panicked and tells the consultant to fix the problem.
財 The consultant attempts a surgical strike against the
compromised systems of Nevia.
財 Unfortunately he strikes an artery while removing a significant portion
of the attacking malware.
財 Unfortunately that which remains tries to restart itself and in doing so
continually crashes the many systems on which it is running.
財 Those systems are the ones that manage inventory and fulfill
customers online orders.
財 Disaster recovery is a disaster and so are the holidays.
Consultant versus Merchant
7. 財 In January Nivia files a lawsuit in federal court in the
Northern District of California against Telluria claiming
computer fraud, tortious interference, and related claims,
citing damage to their computer systems, and a loss of $200
million in sales revenue.
財 Telluria files a counter-claim of negligence and tortious
interference.
財 The case goes before the court on a bench trial.
Retained Counsel versus Retained Counsel
8. 財 The systems of Nevia were indeed attacking Telluria.
財 Nevias systems had been taken over by a third party.
財 An anonymous collective named EDDORE (Enraged Digital
Dilettantes Opposed to Ruthless Employers) takes credit.
財 They claim that Tellurias suppliers use child labor.
財 They state that Nevia was easy to penetrate as long as they avoided
the systems handling credit cards and other financial information.
財 As proof they point to files with encrypted content seeded
throughout Nivias enterprise and disclose the key.
財 Decryption reveals good fences make good neighbors.
What has been discovered
9. 財 United States Magistrate Judge John M. Facciola
財 Sitting by designation
財 Steven W. Teppler, Esquire
財 Retained counsel for Telluria Inc.
財 Serge Jorgensen
財 An employee of Arisia hired as consultant to Telluria Inc., a fact witness
財 Stephen S. Wu, Esquire
財 Retained counsel for the Nevia Corporation
財 Hoyt L. Kesterson II
財 CIO for the Nevia Corporation, a fact witness
財 United States Magistrate Judge Andrew J. Peck
財 Greek Chorus
Dramatis Personae
11. 財 Discussion with the judges law clerkswhat should the
instructions to the jury be?
財 Judge Facciolas instructions
Post hearing discussion with Judge Facciola
?
12. Hon. John M. Facciola
U.S. District Court for The District of Columbia
John_M._Facciola@dcd.uscourts.gov
Hon. Andrew J. Peck
U.S. District Court for the Southern District of New York
Andrew_J_Peck@nysd.uscourts.gov
Stephen S. Wu, Esquire
Cooke Kobrick & Wu LLP
swu@ckwlaw.com
Steven W. Teppler, Esquire
Kirk-Pinkerton, P.A.
steppler@kirkpinkerton.com
Hoyt L. Kesterson II
Terra Verde Services
hoyt.kesterson@terraverdeservices.com
Serge Jorgensen
The Sylint Group
sjorgensen@usinfosec.com