On May 28 2023 major corporations started to announce attacks by
CLOP ransomware group on their systems. CLOP is widely thought to
operate from the Russian Federation. Victims are said to include
Procter and Gamble, Virgin, Saks and others.
Attacks from Non/Quasi State actors can be expected to rise with
international tensions.
Today (07.06.2023), CLOP used its dark web website to announce
that personal information, including customer bank account details,
would be released on the web:
“We deliberately
did not disclose your organization wanted to negotiate with you and
your leadership first,” reads a Clop ransom note sent during
the GoAnywhere extortion attacks.
“If you ignore us,
we will sell your information on the black market and publish it on
our blog, which receives 30-50 thousand unique visitors per day.
You can read about us on Google by searching for CLOP hacker
group”.
Microsoft attributed the ransomware attack to zero-day
vulnerabilities in the MOVEit Transfer platform.
The attacks started on or around 27 May – the Memorial Day
holiday weekend.
Having an interest in International Law, I note that the attack
raises questions of State responsibility for Non/Quasi State actors.
What duties does the Russian Federation have to prevent and prosecute
such actions? What State responsibility does Russia bear if it
fails to take reasonable and proportionate actions in those
regards? I am going to leave that aside for another article.
What are the legal duties on firms who discover they have been
hacked? Perhaps this is a far more practical question.
- Contact the Information Commissioner's Office.
- Contact your internet provider and their security systems. You
will need to know what was taken and to whom the information
went.
- Act immediately. If you hesitate, the damage may be greater and
the ICO will want to know why.
Your duties
- Ensure the ‘confidentiality, integrity and
availability’ of systems and services and the personal data you
process within them.
- You must be able to restore access and availability to personal
data in a timely manner in the event of a physical or technical
incident.
- You must have appropriate processes in place to test the
effectiveness of your measures and undertake any required
improvements.
- Your security measures must be proportionate to the sensitivity
of the information held. If you hold sensitive medical data, your
security measures must reflect this risk.
[Source ICO 07.06.2023]
In short,
- Know your security measures protecting your IT.
- Make sure they are adequate to the risk.
- Act quickly if you have a suspicion.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.