Digital Divorce: Who Gets the Airline Miles and Music Files?

By Judith Bitterli
Something you’ll want to know about all those movies, mp3s, eBooks, air miles, and hotel points you’ve accrued over the yearsthey’re digital assets that can factor into a divorce settlement. 

Understandably, several factors determine the distribution of assets in a divorce. However, when it comes to dividing digital assets, divorce settlements and proceedings are charting new territoryThe rate of digital innovation and adoption in recent years has filled our phones, tablets, and computers with all manner of digital assets. What’s more, there are also the funds sitting in our payment apps or possibly further monies kept in the form of cryptocurrencies like bitcoinPut plainly, the law is catching up with regards to the distribution of these and other digital assets like them. 

Yet one thing that the law recognizes is that digital assets can have value and thus can be considered property subject to distribution in a divorce. 

In light of this, the following is a checklist of considerations that can help prepare you or someone you know for the distribution of digital assets in a fair and just way.  

Nothing offered in this article is legal advice, nor should it be construed as such. For legal advice, you can and should turn to your legal professional for counsel on the best approach for you and the laws in your area.  

What is a digital asset? 

For starters, let’s get an understanding as to what actually constitutes a digital asset. 

Because laws regarding digital assets vary (and continue to evolve), the best answer you can get to this question will come from your legal counsel. However, for purposes of discussion, a digital asset is any text or media in digital form that has value and offers the bearer the right to use it.  

To put that in practical termslet’s look at some real-world examples of what could constitute a digital asset. That list includes, but is not limited to: 

  • Photo libraries 
  • eBook libraries 
  • Digital movies 
  • Digital music 
  • Digital currency, such as bitcoin 
  • Air miles 
  • Hotel points 

However, digital assets can readily expand to further include: 

  • Subscriptions to streaming services and online publications 
  • Online game accounts—and in-game items associated with them 
  • Currency stored in online payment platforms 
  • Online storefronts, such as eBay, Etsy, or business websites 
  • Website domain names, whether in use or held speculatively for later resale 
  • Documents kept in cloud storage, like financial documents and ancestry research 

And like any other asset in the case of a divorce, a value will be ascribed to each digital asset and then distributed per the conditions or orders of the settlement. 

What digital assets do you have? 

Arriving at the value of specific digital assets begins with an inventory—listing all the digital assets and accounts you own, just as you would with any other monetary or physical assets like bank accounts, properties, and carsWhen you go through this process, chances are you’ll quickly find that you have hundreds if not thousands of dollars of digital assets.  

For example, we can look at the research we conducted in 2011 which found that people placed an average value of $37,438 on the digital assets they owned at the time. Now, with the growth of streaming services, digital currency, cloud storage, and more in the past ten years, that figure feels conservative. 

Above and beyond preparing for a divorce settlement, taking such an inventory of your digital assets is a wise move. One, it provides you with a clearer vision of the things you own and their worth; two, maintaining such a list gives you a basis for estate planning and determining who you would like to see receive those assets. Likewise, maintain that list on a regular basis and keep it safe. It’s good digital hygiene to do so. 

What are digital assets worth in a divorce? 

With this inventory, each asset can then have an assessed value ascribed to it. In some instances, a value will easily present itself, such as the cost of a subscription or how much money is sitting in a PayPal account. In other cases, the value will be sentimental, such as the case is with digital photos and videos. Ideally, you and your spouse will simply be able to duplicate and share those photos and videos amicably, yet it is important that you articulate any such agreement to do so. This way, a settlement can call out what is to be shared, how it will be shared, and when. 

Identify which digital assets cannot be transferred 

Not all digital assets are transferrable. Certain digital assets are owned solely in your name. In other words, you may have access to certain digital assets that cannot transfer to someone else because you do not have the rights to do so per your user agreement. This can be the case with things such as digital books, digital music, and digital shows and movies.  

In such circumstances, there may be grounds for negotiation and a “limited transfer” in the settlement, where one party exchanges one asset for another rather than splitting it equally. A case in point might be a sizeable eBook library on a device that’s in the name of one spouse. While that library can’t be split or transferred, one spouse may keep the eBook library while another spouse keeps a similarly valued asset or group of assets in return—like say a collection of physical books. 

Streaming services and divorce 

Streaming services will need to be addressed too. Be prepared to either terminate your accounts or simply have them assigned to the person in whose name they are kept. In the case of family accounts, the settlement should determine how that is handled, whether it gets terminated or similarly turned over to one spouse or the other. In all, your settlement will want to specify who takes over what streaming service and when that must occur. 

Cryptocurrencies like bitcoin and divorce 

Like dividing up investment accounts where the value of the account can vary daily, digital currencies can present challenges when spouses look to divide the holdings. Cryptocurrency valuation can be quite volatile, thus it can be a challenging asset to settle from a strict dollar standpoint.  

What’s more, given the nature of digital currencies, there are instances where an unscrupulous spouse may seek to hide worth in such currency—which is an evolving issue in of itself. This recent article, “Cryptocurrency: What to Know Before and During Divorce,” covers the additional challenges of cryptocurrency in detail, along with an excellent primer on what cryptocurrency is and how it works. 

Ultimately, cryptocurrency is indeed an asset, one that your attorney and settlement process will need to addressspecifically so that there are no complications later with the transfer or valuation of the awarded currency. 

Passwords and divorce 

With accounts changing hands, now’s the time to start fresh with a new set of passwords. What’s more, we have a tendency to reuse the same passwords over and over again, which may be known to an ex-spouse and is an inherent security risk in of itself. Change them. Even better, take this opportunity to use a password manager. A password manager can create and securely store strong, unique passwords for you, thus saving you the headache of maintaining dozens of them yourself—not to mention making you far more secure than before. 

 Seek out a legal professional 

Again, keep in mind that nothing here is legal advice. Yet, do keep these things in mind when consulting with an attorney. The reality is that we likely have thousands of dollars of what could be considered digital assets. Inventorying them and ascribing a fair market value to them along with your legal professional is the first step in a fair and just settlement. 

Why Coin Miners Go Bad & How to Protect Your Tech When They Do

By Vishnu Varadaraj
Cryptocurrency enthusiasts are flocking to the Wild West of Bitcoin and Monero to cash in on the recent gold rush. Bitcoin’s meteoric rise in value is making coin mining an appealing hobby or even a whole new careerCoin mining software is the main tool in a prospector’s belt.  

Some coin miners, also known as cryptocurrency miners, are tempted by the dark side of the industry and resort to nefarious means to harness the immense computing power needed for cryptocurrency profits. Greedy cryptocurrency criminals employ a practice called cryptojacking, stealing the computer power of unsuspecting devices to help them mine faster. Your device could be at risk at being recruited to their efforts.  

Let’s dig into how coin mining programs work, why they turn malicious, and how you can stay safe from cryptojackers. 

How Coin Mining Works 

Mining cryptocurrency takes a lot of time and computer processing power. A coin mining home setup requires a graphics processing unit (GPU) or an application-specific integrated circuit (ASIC). Coin mining software then runs off the GPU or ASIC. Each central processing unit (CPU), or the brain of the computer, plus the GPU or ASIC is referred to as a mining rig. 

Once the software is installed, the rig is ready to mine, running mathematical calculations to verify and collect new cryptocurrency transactions. Each calculation is known as a hash, and hash rates are the number of calculations that can be run per second. 

From there, casual miners may choose to join a mining pool, which is a club of miners who agree to consolidate their computing power and split the profits based on how much work each miner contributed to the output. 

Bitcoin rewards miners every 10 minutes for their effortsEach time miners solve a string of mathematical puzzles, they validate a chain of transactions, thus helping make the entire Bitcoin system more secure. Miners are paid in bitcoin and they also receive a transactional fee. 

Why Coin Mining Turns Malicious 

While coin mining typically starts off as a casual hobby, coin mining programs can turn malicious when cryptocurrency miners want to earn more without investing in boosting their own computing power. Instead, they reroute their targets computing power without asking. This is called cryptojacking. 

Mining requires incredible amounts of electricity and the more riginvolved; the more cryptocurrency can be mined. Usually, the utility bills and the cost of running coin mining software negates any profit. For example, a casual miner may have one rig devoted to mining. An average rig processes approximately 500 hashes per second on the Monero network (a type of cryptocurrency). However, 500 hashes per second translates to less than a dollar per week in traditional, or fiat, currency. 

Greedy cryptocurrency criminals recruit CPU soldiers to their mining army to improve their hash rate. To do so, criminals download coin mining software to a device and then program it to report back to their server. The device’s thinking power is diverted from the owner and funneled straight to the criminal’s server that now controls it. Compromised devices run considerably slower and can overheat, and the strain on the device can eventually destroy it. 

How to Stay Safe from Cryptojacking 

Cryptojackers are not your everyday thieves. Their target is your CPU power, and they employ devious methods to funnel it for their own use. Luckily, there are a few easy ways to thwart their efforts: 

1. Beware of phishing 

Personal devices are often infected through phishing within emails and texts. There are many tell-tale signs of a phishing message. For example, they are often poorly written and use language that indicates that the sender wants a hasty response. Also, phishing attempts often charade as official organizations, like banks and credit card companies. If you are ever suspicious of an email or text, do not open any of the links and do not reply. Instead, contact the organization’s customer support to verify the legitimacy of the message. 

2. Use ad blockers 

Another way miners gain access to personal devices is by camouflaging malicious code in pop-up ads. An easy way to avoid being cryptojacked is to simply never click on these ads. Or even better, install an ad blocker to help eliminate the risk. 

3. Connect to a VPN 

Public wi-fi and poorly protected networks present a vulnerable entry point for cybercriminals to hack into your devices. Cybercriminals often attempt to download software remotely to your laptop, desktop, or mobile device to reroute its computing power for their own selfish gains. Always connect to a VPN like McAfee Safe Connect VPN to safely surf unsecure networks. 

4. Run antivirus software 

Cryptojacking code is inconspicuous and generally hidden in legitimate code. Antivirus software, such as McAfee Total Protection, is a recommended way to proactively scan for malware and even identify fraudulent websites. McAfee WebAdvisor has a Chrome extension that specifically blocks cryptojackers. 

5. Monitor your devices 

Be aware of the signs your devices have been cryptojacked. For example, monitor any changes in the speed of your devices and check out your utility bills for dramatic spikes. By remaining vigilant with these tips, you will keep your devices safe from cryptocurrency miners gone rogue. 

Stay Updated 

The Life Cycle of a Compromised (Cloud) Server

By Bob McArdle

Trend Micro Research has developed a go-to resource for all things related to cybercriminal underground hosting and infrastructure. Today we released the second in this three-part series of reports which detail the what, how, and why of cybercriminal hosting (see the first part here).

As part of this report, we dive into the common life cycle of a compromised server from initial compromise to the different stages of monetization preferred by criminals. It’s also important to note that regardless of whether a company’s server is on-premise or cloud-based, criminals don’t care what kind of server they compromise.

To a criminal, any server that is exposed or vulnerable is fair game.

Cloud vs. On-Premise Servers

Cybercriminals don’t care where servers are located. They can leverage the storage space, computation resources, or steal data no matter what type of server they access. Whatever is most exposed will most likely be abused.

As digital transformation continues and potentially picks up to allow for continued remote working, cloud servers are more likely to be exposed. Many enterprise IT teams, unfortunately, are not arranged to provide the same protection for cloud as on-premise servers.

As a side note, we want to emphasize that this scenario applies only to cloud instances replicating the storage or processing power of an on-premise server. Containers or serverless functions won’t fall victim to this same type of compromise. Additionally, if the attacker compromises the cloud account, as opposed to a single running instance, then there is an entirely different attack life cycle as they can spin up computing resources at will. Although this is possible, however, it is not our focus here.

Attack Red Flags

Many IT and security teams might not look for earlier stages of abuse. Before getting hit by ransomware, however, there are other red flags that could alert teams to the breach.

If a server is compromised and used for cryptocurrency mining (also known as cryptomining), this can be one of the biggest red flags for a security team. The discovery of cryptomining malware running on any server should result in the company taking immediate action and initiating an incident response to lock down that server.

This indicator of compromise (IOC) is significant because while cryptomining malware is often seen as less serious compared to other malware types, it is also used as a monetization tactic that can run in the background while server access is being sold for further malicious activity. For example, access could be sold for use as a server for underground hosting. Meanwhile, the data could be exfiltrated and sold as personally identifiable information (PII) or for industrial espionage, or it could be sold for a targeted ransomware attack. It’s possible to think of the presence of cryptomining malware as the proverbial canary in a coal mine: This is the case, at least, for several access-as-a-service (AaaS) criminals who use this as part of their business model.

Attack Life Cycle

Attacks on compromised servers follow a common path:

  1. Initial compromise: At this stage, whether a cloud-based instance or an on-premise server, it is clear that a criminal has taken over.
  2. Asset categorization: This is the inventory stage. Here a criminal makes their assessment based on questions such as, what data is on that server? Is there an opportunity for lateral movement to something more lucrative? Who is the victim?
  3. Sensitive data exfiltration: At this stage, the criminal steals corporate emails, client databases, and confidential documents, among others. This stage can happen any time after asset categorization if criminals managed to find something valuable.
  4. Cryptocurrency mining: While the attacker looks for a customer for the server space, a target attack, or other means of monetization, cryptomining is used to covertly make money.
  5. Resale or use for targeted attack or further monetization: Based on what the criminal finds during asset categorization, they might plan their own targeted ransomware attack, sell server access for industrial espionage, or sell the access for someone else to monetize further.


lifecycle compromised server

The monetization lifecycle of a compromised server

Often, targeted ransomware is the final stage. In most cases, asset categorization reveals data that is valuable to the business but not necessarily valuable for espionage.

A deep understanding of the servers and network allows criminals behind a targeted ransomware attack to hit the company where it hurts the most. These criminals would know the dataset, where they live, whether there are backups of the data, and more. With such a detailed blueprint of the organization in their hands, cybercriminals can lock down critical systems and demand higher ransom, as we saw in our 2020 midyear security roundup report.

In addition, while a ransomware attack would be the visible urgent issue for the defender to solve in such an incident, the same attack could also indicate that something far more serious has likely already taken place: the theft of company data, which should be factored into the company’s response planning. More importantly, it should be noted that once a company finds an IOC for cryptocurrency, stopping the attacker right then and there could save them considerable time and money in the future.

Ultimately, no matter where a company’s data is stored, hybrid cloud security is critical to preventing this life cycle.


