Mermelstein’s clients are classic crime victims, but five or six years ago the nature of those crimes turned cyber.
That’s when a lot of his connections with the government started to really pay off, said Mermelstein, global co-chair of Orrick’s cybersecurity and data privacy group.
For example, Mermelstein once received a call from a client, an online retailer, who said they were the subject of a denial-of-service attack, which is when a website is shut down because an enormous amount of users attack the site. A man said he’d stop the attack for $300,000. The retailer was prepared to pay the money, but Mermelstein first checked with a contact at the FBI, who knew a colleague who was investigating the same attacker for his attacks on other companies.
The attacker turned out to be a man from Nigeria who was paying for a botnet that carries out the attacks.
“The FBI agent is telling me, ‘You can pay and the attack will stop but three days after he is going to circle back and launch a second time. Then the demand will go higher,’” said Mermelstein.
But if the payer is not getting any results after three hours he usually stops paying the botnet, Mermelstein learned. The retailer held off paying for three hours and the attack did stop, Mermelstein said.
“It was an hour of my time, but the connection to the right people was able to get real intelligence,” Mermelstein said.
That’s one example of how government resources help Mermelstein be an asset to his clients. He went from private practice to working for the Los Angeles County public defender’s office before going back to private practice doing white collar criminal defense.
Ten years ago, Mermelstein got the U.S. Attorney’s Office involved in a case regarding a phony Pablo Picasso piece, with the office then involving the FBI. Eventually Mermelstein negotiated a $2.3 million restitution to the person who bought the fake piece, but there started a relationship of cultivating valuable government relationships.
“I’ve been able to leverage a relationship with government folks and, in a situation where a company is a cyber crime victim, getting the case over to the right prosecutor to investigate,” said Mermelstein.
Mermelstein said cybersecurity has improved but so have hackers.
“The hackers were getting better at a faster rate than our cybersecurity defenses. If anything we are as a country losing the cybersecurity war,” he said.
— Justin Kloczko
For reprint rights or to order a copy of your photo:
Email
jeremy@reprintpros.com
for prices.
Direct dial: 949-702-5390
Send a letter to the editor:
Email: letters@dailyjournal.com