About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline

10 Int'l. In-House Counsel J. 1 (2016-2017)
Data Breach: What YOU Can Do about It?

handle is hein.journals/iihcj10 and id is 578 raw text is: 

International In-house Counsel Journal
Vol. 10, No. 40, Summer 2017, 1

                                 Data   Breach:
                         What   YOU can do about it?

                              MARCELO SOUCCAR
 CEO  Juritis USA and General Counsel Juritis Group, Juritis USA LLC TOTVS Official
                                   Partner, USA

In May  2017  the cyber world was  under attack. The WannaCry   cryptoworm  spread
quickly, preventing or limiting users from accessing their systems. This was the largest
ransomware  attack targeting commercial applications up until that point. Bloomberg
estimated that this single malware could cost over $2,5 billion for insurers and the overall
cost could reach $4 Billion dollars.
In June 2017, Petya, another ransomware  attack caused serious business disruption at
large corporations, including Siemens, Mondelez, and  Maersk, among   others. These
attacks are just the tip of the iceberg in the money-making scheme designed by hackers,
and  do  not include government  sponsored  attacks, which may   target government
structures, but also private strategic economic businesses, like utilities, energy, finance
and even  law enforcement and  emergency  services, which constitutes an actual cyber
Although  the press has published names of large enterprise businesses who are at risk,
there is no small under the radar operation that is safe from attacks. In fact, most of the
funds paid to hackers are from small and medium size businesses that lack the technology
and knowledge  to protect their data and cannot afford to stay locked out of their computer
systems. In more dangerous situations, hackers have demanded bitcoins in exchange for
not publishing sensitive company information on the web.
Most of the famous Data Breach cases surely involve at least one hacker. However, most
of the time companies are also under a constant threat from within, as the majority of data
breaches come  from the internal people who already have access to the data and are
careless on providing access and passwords to outsiders, leaving the door open to
intruders. Users sometimes leave their notebooks or computers logged onto the network
hibernating during the night after downloading some new APP from the internet or allow
an update from an unreliable source and right there the opportunity to enter is open. Not
always, the path for a Data Breach requires a hacker to break firewalls and complex
security passwords and  tokens, we must  also focus on  securing the peopleware.
Receiving e-mails with strange links from someone you know is a typical form of attack,
once you download  the virus is difficult even for antivirus to deal with the problem.
Let's focus on the private ransomware attacks that demand monetary compensation:
the lack of specific cybersecurity legislation has been questioned in the US, given the
international characteristics of the hacking business, and there is a global effort to
improve legislation and law enforcement. Nevertheless, the pace of technology is so fast,
and laws need time to mature. Whenever there is a regulation to protect from an attack,
the perpetrators will be using a different set of weapons and techniques.
The famous  case about the Panama papers depicted a law office that was taken with their
guard down  and lost all confidential information. We may infer that the impact on the

ISSN 1754-0607 print/ISSN 1754-0607 online

International In-house Counsel Journal

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.

Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

Contact us for annual subscription options:

Already a HeinOnline Subscriber?

profiles profiles most