Risk of cyberattacks increases after invasion of Ukraine

In 2021, according to security solutions company Datos101, there were 40,000 cyberattacks per day, up 125% from the previous year. Although the number of cyberattacks has increased in recent years, certain factors such as the pandemic and widespread teleworking contributed to the exponential growth in 2021, according to experts. Now, in the thick of the war between Russia and Ukraine, the threat has risen again, prompting Spanish Defense Minister Margarita Robles to announce a few weeks ago that the cyberattack alert level will be raised to 3, with 5 being the highest.

Prevention is the best strategy against the threat of cyberattacks and this is where lawyers have a fundamental role to play, especially in aligning organizations with the protective regulatory framework. The Code of Cybersecurity Law contains more than 50 rules organized into eight main sections, including national security, critical infrastructure and privacy.

These regulations are primarily aimed at public administrations and their suppliers, critical infrastructure and essential services, as emphasized by Jesús Yáñez, cybersecurity partner at technology and communications company ECIJA, since it is these bodies that, in reaction to the sanctions imposed on Russia, have become the main targets.

Since the beginning of the invasion of Ukraine, critical infrastructure companies like Iberdrola, public bodies like the National Police and the Tax Agency, and technology companies like Microsoft and Apple, as well as the vast majority of Spanish banks (BBVA, Santander, Caixabank, Sabadell, Liberbank), have been exposed to this type of attack.

However, they are not the only targets of cybercrime. Cyberattacks continue to take place on a significant scale in all types of businesses, from SMBs to multinational corporations. “In Russia, there are organizations that take advantage of every conflict to increase cyberattacks,” explains Cristina Cajigos, account manager at Grupo Paradell Technologies, a consulting firm specializing in digital and enterprise risks. As for the underlying motive for a cyberattack, Yáñez admits that it can vary widely, “from an economic ransom to gaining access to classified information to an act of revenge by a former employee who knows the security measures of his former company are minimal.”

Legal Compliance

More and more companies now have a cybersecurity compliance program that identifies risks and vulnerabilities and assesses the likelihood of a cyberattack, according to Natalia Martos, founder of Legal Army. “Tests are conducted, controls installed and their effectiveness verified,” she says. “An archive of evidence is created and risk reduction measures are generated.”

It’s a control strategy that also involves assessing the company’s technology suppliers in terms of security and even requiring them to take effective action, as Yáñez points out. “You have to negotiate with them,” he says. “Negotiations are not easy, but they are necessary. This will not only help prevent possible violations, but also serve to demonstrate commitment and diligence in this area.”

Employees must also be made aware of risks and trained accordingly. “Ninety percent of cyberattacks in SMBs are due to human reactions, which are strongly related to a lack of awareness and the work environment,” says Cajigos. According to Yáñez, the most common way is to trick the user into believing that they are entering their credentials on legitimate sites. These are cases in which the identity of the company or its representatives is impersonated with the aim of defrauding third parties and obtaining an economic advantage. “One of the most common is bill falsification, which involves changing the account number to which the payment is to be made,” says Jesús Iglesias, a partner at Clyde & Co.

Companies that are impersonated “suffer terrible consequences, as their customers are often the target of theft and extortion for which they might initially appear responsible,” says Martos, who recommended that a company that falls victim to a cyberattack gather all the details of the attack and immediately contact the specialized units of the State Security Forces and Corps, who will contain it and finally, after a forensic investigation, try to find out who is behind it. “It’s really complex because of the lack of traceability in the cyber world,” she admits.

Meanwhile, Cajigos adds that victims should try to determine the origin of the attack and inform the data protection authority to reduce the impact in case critical data is leaked. However, she insists that prevention is the best policy. “If you prepare the infrastructure for intrusion detection, have decentralized backups of critical data, a disaster recovery plan, and a business continuity plan, the impact is significantly reduced,” she explains.

Specific insurance

Purchasing cyber risk insurance, according to Iglesias, “helps organizations respond to and appropriately manage a cyber attack, thereby reducing the financial, legal and reputational damage it can cause.” Such insurance policies typically include incident response management services and provide access to a number of different vendors, such as technicians, legal counsel and PR firms, to step in when needed. They also typically cover administrative penalties that may be imposed by data protection authorities, recovery of ransom payments in the event of cyber extortion, and potential civil liability resulting from the attack.
