Cyber attacks and Civil Litigation

Posted by Emma Klieve

Brabners

Thu 27th, Jul

Over recent years, there has been an increase in the number of cyber-attacks with an aim of obtaining sensitive data. Previously this data was obtained through hacking, as in the 2015 attacks on the website Ashley Madison and network provider Talk Talk. However in 2017, the preferred method appears to be through the use of ransomware with the purpose of causing significant disruption and eliciting funds.

In May, a ransomware attack on the NHS demanded payment of $300, in cryptocurrency Bitcoin, in order to receive a decryption code and regain access to their own encrypted files. This attack was part of a global ransomware attack using malware called “WannaCry”, which infected systems by utilising phishing techniques to trick recipients into opening email attachments and exploiting a flaw in Windows software. This vulnerability in certain versions of the software had been identified by the National Security Agency (NSA) and was exposed to distributors of the ransomware through stolen resources. One month later, there was another ransomware attack on some of the largest companies in the world, this time the malware used was similar to “Petya”. In many cases, the ransom amount increased every hour if a user refused to pay. However, cyber security firms advise victims not to pay the ransom due to fears it could encourage further attacks and that there is no guarantee that all files will be returned intact.

As a result of the attacks, several members of the American House and Senate introduced a bipartisan Bill titled “the Protecting Our Ability to Counter Hacking (PATCH) Act” in America. The PATCH Act would create an interagency review board that will assess the vulnerabilities discovered by government agencies to determine when the government will retain the information and when warnings should be provided about the potential vulnerability of the system. In an increasingly-connected world, the passing of the Bill would require the government to at least consider the exposing of flaws. This reporting of vulnerabilities may reduce opportunities for cyber-attacks in the future by reducing the weaknesses in the software.

There is the potential for victims of cyber-attacks to become exposed to litigation following an attack, especially with the EU’s General Data Protection Regulation (GDPR) introducing tougher penalties for businesses where there has been a breach of data privacy. The significant disruption caused by these global attacks serve as a reminder of the requirement to take appropriate measures to protect their systems and ensure continuity of business. Businesses should also ensure that they have adequate insurance cover to protect them in the event of a cyber-attack.

Leave a comment

Happy 9th Birthday 6th Door Ltd

Tue 19th, May

As I’m leaning on the stand-up desk in my makeshift home office, that over the weeks has been turned into a video and podcast recording studio

How to take back control of your water costs

Fri 13th, Mar

While most businesses already have a comprehensive strategy in place for their electricity and gas consumption, water management is often overlooked.

How to choose an energy consultancy

Fri 13th, Mar

Most business owners recognise the advantages of shopping around for the best energy deal, but without the time, resource and expertise to find the best tariff, it can be an almost impossible task.

Business energy: Don’t get caught out by rollover rates

Fri 13th, Mar

As a busy business owner, you may feel there are not enough hours in the day to secure your next energy contract. You know you’ll get around to it, but when you’ll get around to it is another matter.

Business water matters – Top 3 water saving tips

Fri 13th, Mar

Water is often referred to as ‘the forgotten utility’. While many large businesses are clearly focussed on their comprehensive energy strategies, it seems many are yet to implement a strategy around managing their water usage.

Know where your cloud data is stored or risk a GDPR fine

Thu 27th, Feb

For businesses who have chosen cloud-based data hosting services there’s a temptation to relax and think “great, we’re paying someone else to take care of our data, we don’t need to worry about it any more.”

Transparency plans could slow down region’s business growth

Thu 27th, Feb

Efforts by regional start-up initiatives that have led to Merseyside outperforming the rest of the UK when it comes to business growth could be hampered by new government proposals, a leading legal expert has claimed.

Backup or risk losing your business

Thu 13th, Feb

Maintaining a robust backup is hard work, it’s important to not only build the correct solution for your business and trust your IT support provider to look after it, but to also maintain a sense of urgency as a business owner to...

Information Destruction and Compliant Data Handling in the Education Sector

Thu 13th, Feb

Identity theft costs the UK economy £5.4 billion and a recent BSIA report showed 169,592 cases of identity fraud, representing an increase of 49% over the previous year.

Give Your Business Utilities a Refresh for 2020

Mon 20th, Jan

January is a time for reflection for most people and this includes business owners, with the new year bringing with it an opportunity to take stock of performance during the past 12 months, create goals for the year ahead, and ensure...