On June 30, 2010, Paul Ceglia sued Facebook co-founder Mark Zuckerberg, claiming that Zuckerberg had signed a 2003 contract giving him half-ownership of the company (now valued at $75 to $100 billion, according to the Wall Street Journal). Zuckerberg maintains that Ceglia made up the whole story and forged documents to support his claims. “The contract is a cut-and-paste job, the e-mails are complete fabrications, and this entire lawsuit is a fraud,” reads a statement filed by Zuckerberg’s lawyers with a U.S. District Court in Buffalo, New York. To prove it, Zuckerberg
hired digital forensics expert Eric Friedberg ’83, who has battled all manner of cybercriminals, from rogue hackers to e-forgers to sophisticated intellectual property thieves. For most people, a call from Mark Zuckerberg would be out of the ordinary, but this is the sort of call Friedberg gets every day.
LawNotes Managing Editor Andrea Strong ’94 met with Friedberg at Stroz Friedberg’s 50,000-square-foot Tribeca office, a stunning steel-on-white space equipped with one of the largest digital forensics lab in the country. Over the course of the morning, Friedberg discussed a career that took him from Skadden Arps, to the U.S. Attorney’s Office, to leading one of the nation’s top digital risk and cybercrime firms. He discussed what it takes to deal with cybercriminals, the perils of using your smartphone in Asia, what risks you’re taking by Tweeting your life away, and the threats that loom in the future.
Tell me a little bit about your background. Were you primed from an early age to be a lawyer?
Even though my father Irving Friedberg is a lawyer, BLS Class of 1948, I didn’t come to the law right away. I studied philosophy and poetry at Brandeis. I was accepted to the Bread Loaf Writers’ Conference and tried to establish myself as a poet, but it turned out to be an isolating and difficult existence. So I took the LSAT, and I had a terrific three years at BLS. The caliber of the teaching was so high and thought provoking. Its world-class talent provided me with a very stimulating education.
You began your legal career at a big firm. What was that like for you?
Skadden gave me the foundation for a successful business career. The level of rigorousness, the responsiveness towards clients, and the perfectionism that the firm demands stays with you your entire life. It sets you apart from many other professionals.
What led you to leave Skadden and join the U.S. Attorney’s Office?
When I joined the U.S. Attorney’s Office, Rudy Giuliani was prosecuting a number of high-profile cases—the insider trading scandals, the organized crime trials—and I really wanted to devote a good period of my life to the public good. The U.S. Attorney’s Office gave me the opportunity to do that. I spent the early part of my career focusing on South American narco-terrorism. That work culminated in me leading a 50-person task force investigating and prosecuting six accomplices in the Cali Cartel-ordered assassination of Manual De Dios Unanue, the former editor-inchief of El Diario. It’s a case that made front page news for years.
How did you transition from Chief of Narcotics to running a cybercrime team?
One day, a few DEA Agents walked into my office and told me that they were working on an investigation involving someone who was selling illegal wiretapping equipment for cell phones over the Internet. We were concerned about our undercover agents being killed if they were found out, so we had a joint DEASecret Service investigation. As part of this investigation, I did one of the first e-mail wiretaps in the country by the non-intelligence side of the government. After that, I handled all the Secret Service’s computer crime matters, and in 1996, I was a founding member of the Electronic Crimes Task Force that now plays a big role in fighting cybercrime. It was through that group that I met Ed [Stroz] because he had founded and was running the FBI’s first computer crime squad in New York.
How did Stroz Friedberg go from dream to reality?
In 2000, Ed was working on his own and founded the firm in a small office on Maiden Lane. I joined him in 2001. We were committed to the idea that digital fact-finding and digital evidence was going to become important. We pioneered many of the methodologies in the field of digital evidence, and in doing so, we have replicated the best of what we had in the government, which is a prosecutor/agent model. Our firm is staffed with former prosecutors with legal expertise who understand the legal context into which the legal fact-finding will fit and with former
agents who are phenomenal at digital fact-finding. This is an incredibly powerful combination.
What are the main reasons clients come to you?
We operate in a field that we call “digital risk management and investigations.” Clients come to us in areas such as digital forensics, data breach and cybercrime response, security consulting, business intelligence and investigations, and electronic discovery. Recently, for example, Google mistakenly included code in software in its Street View cars that collected fragments of private user data from WiFi networks. Google hired us to review the
software at issue, how it worked, and what data it had actually gathered. We led a digital forensics team that analyzed the proprietary source code and approved a protocol to ensure that any WiFi-related software is removed from the cars before they start driving again.
What about battling hackers?
Many of our clients seek help when they experience an intrusion. It could be an industrial or state-sponsored espionage case, where a competitor or a foreign government is trying to steal trade secrets or intellectual property. Or it could involve an organized crime group targeting credit card information, or, more recently, “hacktivist groups” such as Anonymous who are not trying to steal money as much as they are trying to penalize companies that run afoul of their credos.
Can you protect these companies from these intrusions?
The current thinking in security is that if your attacker is sophisticated and persistent enough, which is usually the case, it’s unlikely that the attack can be prevented. It becomes more a question of how you respond. We help companies make sure that their detection and response capabilities are enhanced. Our job is to help figure out what happened, how it happened, how to get these intruders out of the network, and how to be better prepared next time—because they will definitely come back.
As we become more socially networked, with much of our personal information out in the open, how does that manifest itself in the cybercrime war?
You’ve hit on a major issue. The bad guys are using social networking to “spear-phish,” or send a baited e-mail that they know you will open because it is made to look like it comes from a friend. Often the attacker conducts reconnaissance on your business and personal relationships, for example, by using LinkedIn, Facebook, and business websites, so that the spear-phishing e-mail can also contain references to content that you might expect to receive via e-mail. Once you click on that link, it opens up malware that gives them control of your computer and access
to all your data. These sites have provided a wealth of new opportunities for bad guys to deliver malware to targets. In addition, these social networking platforms are running on devices that are far less secure than office laptops and desktops. Tablets and mobile phones are way behind in terms of security, and attack programs are being written to target these devices. Employees, especially top executives, who are running around with BlackBerrys, iPads and iPhones are vulnerable to these security attacks. The trend to allow employees to connect any device of their choosing to the network is called “BYOD,” or Bring Your Own Device. You also have to be particularly vigilant if you are travelling abroad. Companies need to train their employees to avoid conduct, like leaving laptops in hotel rooms, that enables foreign agents to copy or bug computing devices.
Your offices and staff have grown exponentially in the past 10 years.
Our clients have complex and global needs. The Google WiFi scandal ended up being a 30-country privacy scandal. A statesponsored espionage case can require 10 to 20 people, and if you have four, five, or six of these going on at the same time you need the staff to handle this. We are planning on hiring 100 new employees this year alone.
With such growth and demand, what advice do you have for students who may want to work in the area of digital forensic and cybercrime in the future?
What lawyers add to the matters that we handle is a deep understanding of how litigation and investigations work and how digital fact-finding fits into that. This requires developing that expertise through litigating, trying cases, or being a prosecutor. You can focus in civil law on computer trespass, privacy, and those areas of the law. A lot of our lawyers are also coming from intellectual property or privacy practices at law firms. You need to be
working in a relevant sector, know how to run an investigation, and be the quarterback for the technical talent. Once you have that, give us a call.