As the scope and impact of cyber attacks grows increasingly severe, affecting businesses and systems all over the world, Paul Pratley, Head of Investigations and Incident Response at MWR InfoSecurity, shares his view from the coalface on the weaponised hacking toolsets being used to unleash potentially devastating enterprise-wide attacks. / read more

Following an incident in which a large number of Korean websites were hit by a ransomware attack, the Korea Communications Commission (‘KCC’) has now taken steps to enhance the cyber security preparedness of online operators. According to the KCC’s research 2,496 online business operators have been transmitting personal data without encryption, and as such the KCC has issued such business with administrative guidance on server security. Keun Woo Lee, Partner at Yoon & Yang, describes the vulnerabilities facing online operators and looks at the steps the KCC is taking to strengthen online operators’ cyber security, which includes taking a tougher stance on online operators cyber security going forward. / read more

On 12 May 2017, the WannaCry ransomware virus hit more than 230,000 computers in over 150 countries. The attack exploited a security weakness in unpatched versions of Windows computers, encrypting data and demanding payment in cryptocurrency Bitcoin for its release. Among the organisations impacted by WannaCry were the UK’s National Health Service, Russia’s Ministry of Internal Affairs, and the car manufacturing plants of both Renault and Nissan. / read more

Due to rapidly growing industry demand as well as the significant cyber attacks of the past year, the Australian Government’s annual review of its Cyber Security Strategy (‘Strategy’) has resulted in a call by Prime Minister Malcolm Turnbull for new goals to be set. As the Government releases the Australian Cyber Security Sector Competitiveness Plan (‘Plan’), Paul Kallenbach and Leah Mooney of Minter Ellison assess the new goals for cyber security in Australia. / read more

On 8 December 2016, a cyber attack was made against Akbank, one of Turkey’s largest banks, and supposedly two other Turkish banks. Akbank released a statement confirming the attack to their IT systems, that it related to the SWIFT system, and stating that they had responded to the attack immediately and taken the necessary precautions. The bank also set forth that the maximum amount of risk faced by the bank is USD $4 million which is covered by its insurance policy. The names of the two other banks which are said to have been attacked are not known and no statement has been released by any other Turkish bank on the issue. In this article, Ozan Karaduman, Managing Associate at Gün + Partners, explains the means of attack against Akbank and the possible legal consequences. / read more

SWIFT CEO Gottfried Leibbrandt has announced a number of measures that it is hoped will better safeguard financial transactions in the future, following the penetration of the SWIFT network that saw cyber criminals make off with substantial amounts of money, marking a new stage of sophistication in cyber attacks against financial institutions. David Ferbrache, Technical Director, Cybersecurity at KPMG, shares his opinion on the threat facing the global payments network, the present limitations and the weak links in international anti-money laundering regimes that enable criminals to cash-out their ill-gotten gains. / read more

Earlier this year, multiple hospitals in Germany fell victim to ransomware attacks, which disabled their IT infrastructure. While these attacks are far from being limited to hospitals, these cases gained media attention due to the relevance of healthcare for the general population. In addition, as hospitals are required to thoroughly protect health data, these attacks have raised additional concerns. Jana Grieb and Claus Färber of McDermott Will & Emery explain the legal implications of such attacks and how hospitals should respond. / read more

Cyber attacks on the legal sector are on the rise as are client demands for resilience in the sector. Thanks to the nature of the privileged information they hold, legal practices and institutions have become a key target for threat actors looking to steal valuable information. The sector also has a number of challenges ranging from typical partner ownership models - which don’t incentivise investment in non-revenue generating functions - through to an industry that has historically been implicitly trusted and thus has not had to contend with anything of the scale of cyber security that could undermine this trust. Haroon Malik, Managing Security Consultant at NCC Group, discusses the cyber security challenge faced by the legal industry and provides a number of case studies on recent cyber attacks that specifically targeted law firms. / read more

Huge numbers of cyber attacks exploit vulnerabilities in computer-based systems and yet vulnerability disclosure is not a straightforward matter, as the discoverer of a vulnerability could face legal risk if they report that vulnerability. Sofie van der Meulen, Attorney at Law at Axon lawyers in Amsterdam, discusses vulnerability disclosure with a particular focus on ENISA’s recent Good Practice Guide on Vulnerability Disclosure and the Dutch approach to this issue. / read more

Swiss secure email provider ProtonMail made public via its blog on 5 November its difficulties with criminal group Armada Collective, who threatened ProtonMail with distributed denial of service (‘DDoS’) attacks unless a Bitcoin ransom was paid. Despite paying, ProtonMail was later targeted with a significant DDoS attack. / read more