Fraud Management & Cybercrime , ID Fraud , Malware as-a-Service

NortonLifeLock Told to Pay Columbia $185M for Patent Theft

NortonLifeLock's Method for Spotting Malicious Behavior Violates Columbia's Patents
NortonLifeLock Told to Pay Columbia $185M for Patent Theft

A federal jury has ordered NortonLifeLock to pay Columbia University $185.1 million after finding the company infringed on two of the Ivy League giant's patents.

See Also: OnDemand | Combatting Rogue URL Tricks: How You Can Quickly Identify and Investigate the Latest Phishing Attacks

Jurors decided Monday that Tempe, Arizona-based NortonLifeLock's use of emulators to monitor programs for malicious behavior intentionally infringes upon patents held by Columbia University, according to the verdict filed in U.S. District Court for the Eastern Division of Virginia. The deliberateness of the violation means that the judge can triple the amount NortonLifeLock has to pay Columbia.

"We are pleased that the Court has recognized NortonLifeLock's violations of Columbia University's intellectual property rights to groundbreaking computer science innovations, made possible by the work of professors and researchers in Columbia's IDS [Intrusion Detection Systems] Lab," says Columbia Senior Vice President of Intellectual Property and Technology Transfer Orin Herskowitz.

Appeal Coming From NortonLifeLock

NortonLifeLock says it plans to stop using the technology found by the jury to infringe upon Columbia's patents and also plans to file an appeal challenging the jury's verdict. Both NortonLifeLock Norton Security products and Symantec Endpoint Protection products - which were acquired by Broadcom for $10.7 billion in November 2019 - were found to be in violation.

Columbia says it intends to provide a share of the $185.1 million award to the inventors and use the remaining proceeds to fund education and further life-enhancing research initiatives. Neither Broadcom nor NortonLifeLock immediately responded to requests for additional comment from Information Security Media Group.

The award to Columbia includes a $91.1 million royalty for NortonLifeLock's sales to U.S. customers and a $94 million royalty for sales to customers outside the U.S. The jury determined that the infringing NortonLifeLock products sold to non-U.S. customers were actually made in and distributed from the U.S. The verdict comes as regulators continue to scrutinize NortonLifeLock's proposed buy of Avast (see: UK Regulator Raises Concerns Over NortonLifeLock-Avast Deal).

The jury rejected Columbia's argument that a third patent was solely invented by two Columbia professors and that NortonLifeLock committed fraudulent concealment when it filed an application for this patent. Jurors, however, did find that Columbia professors Salvatore Stolfo and Angelos Keromytis should be added as joint inventors of this patent.

"I am extremely grateful to the members of the jury for achieving this just result; I feel vindicated," Stolfo says in a statement. "While it is disappointing that a company would repeatedly take our inventions for their own benefit, the heart of my lab is the students and staff, and I am gratified that the award will help support their important work."

Lawsuit Dates Back to 2013

Columbia says its patented technologies that were used in the Norton Antivirus internet security suite can effectively distinguish normal computer operations from anomalous or malicious behaviors even if the malicious program hasn't been seen before. The patented features have been part of NortonLifeLock's SONAR/BASH behavioral protection technology for many years.

The patented technology can also rapidly and efficiently share information about detected intrusions across communities of users, according to Columbia. The university says the professors also developed an innovative strategy for using decoys to detect and thwart viruses and other malicious intrusions.

"Columbia is committed to ensuring that innovations in the laboratory are brought to the market and the role of Columbia researchers is recognized," Herskowitz says. "The patented technology changed the way we detect malicious malware and increased the safety of individuals, companies and the U.S. government's computers at a critical time when traditional malware detection was failing."

This case dates all the way back to December 2013, when Columbia first filed a lawsuit against the company - which was then known as Symantec. In the suit, Columbia said the cybersecurity giant had been including the patented features in several of its products since December 2011.

Researchers and security companies often sue one another alleging patent violations, but these cases almost never make it to trial and are typically settled out of court, with the defendant agreeing to pay a certain amount to license the technology. For instance, Zscaler in January 2020 agreed to settle litigation by paying $15 million to Symantec in exchange for a patent license, release and covenant not to sue.


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.