SIMPLIFYING MATTERS

x
Info career

info centre

PETYA CYBER-ATTACK: PRELIMINARY LEGAL IMPLICATIONS

2017-07-07

In the afternoon of 27 June 2017 large public and private companies, numerous medium and small companies, as well as public authorities in Ukraine were struck by a massive cyber-attack. What are the immediate implications and lessons to learn?

As reported by the media, Oschadbank, Ukrposhta, Boryspil Airport, Kharkiv Airport, Ukrgasbank, OTP Bank, Ukrtelecom, Ukrzaliznytsia, Nova Poshta, Vodafone, Lifecell, DTEK, Kyiv Metro are among numerous companies which have been subsequently paralyzed.

Given unexpected, unprecedented and massive impact of the attack, confusion quickly shifted to fighting the immediate consequences of the attack. Both business and government acted in a swift way and the reactions included:

  • on 4 July 2017 the Government approved draft amendments to the Tax Code of Ukraine whereby the taxpayers should be released from penalties for untimely registration VAT-invoices issued during 1 June to 15 June 2017 caused by the cyber-attack. Currently the Parliament is expected to vote for the mentioned draft amendments;
  • the business, as reported, (i) filing applications to police for initiation criminal investigation with respect to cyber-attack, and (ii) working on restoring damaged files and networks and solutions to enhance its IT security;
  • Ukrainian Chamber of Commerce and Industry is reported to agree to acknowledge Petya cyber-attack as a force-majeure event subject to compliance with the approved procedure of its confirmation by the proper evidences; and
  • new case law / court practice with respect to force-majeure events and release from liability for damages caused by the recent attack is expected to be approved soon.

 Regardless of the above changes in legislation and business environment, it is worthy of mentioning security measures, which may minimize risks and negative consequences if cyber-attacks take place in future, including:

  • use licensed software;
  • use anti-virus solutions;
  • review the wording of the force-majeure clauses to make sure that cyber-attack is expressly listed as an event of force-majeure;
  • prepare in advance IT security policies addressing: (i) actions if a company undergoes cyber-attack, and (ii) procedure of collecting evidences of a cyber-attack;
  • pay attention to cyber-security, engage professional advisors and service providers in advance to ensure your business is properly protected.
  • make sure to implement protective measures, including a disaster recovery plan. Implement procedures which should be closely followed in case of a crisis. Clarify liabilities and potential consequences with your advisors and service providers.

If you have any questions, please feel free to contact Oleksandr Liulkov, Managing Partner Ukraine (oleksandr.liulkov@magnussonlaw.com; M: +380 67 729 9896)

This Legal Alert contains general information only, and Magnusson is not, by means of this document, rendering legal, tax, or other professional advice or services. This document is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect finances or business. Before making any decision or taking any action that may affect business, it is recommended to engage a qualified professional adviser.

 

Other News

  • NEW SWEDISH ACT ON THE PROTECTION OF TRADE SECRETS

    On 1 July 2018, the new Swedish Act on the Protection of Trade Secrets enters into force. It is based on an EU directive and follows the principles in the previous law, with some adjustments and adaptions. The government underlines that an overall purpose with the new law is the importance of securing competitiveness and improve the conditions for innovation and knowledge transfer.

    read more
  • MAGNUSSON WARSAW WELCOMES A NEW MEMBER TO ITS BANKING AND FINANCE PRACTICE

    Magnusson Warsaw strengths its Banking and Finance Practice with the arrival of new advocate Paulina Kotecka.

    read more
  • MAGNUSSON SHORTLISTED BY PIE EUROPEAN PROPERTY INVESTOR AWARDS 2018

    Renowned PIE (Property Investor Europe) Magazine shortlisted Magnusson in the category ”Law firm of the Year – Transactional”.

    read more
  • MAGNUSSON ADVISES WHEN GROW BECOMES A PART OF THE DIGITALIST GROUP

    Magnusson has advised the owners of Grow in connection with Digitalist Group’s acquisition of Grow including its subsidiaries in Sweden, Finland and Norway.

    read more
more NEWS