Law Firms Warned of Heightened Cybersecurity Threat Amid Russia’s War

After a raft of debilitating Western sanctions on Russia and the exodus of global firms from Moscow, Russia-originating cyber attacks are a growing concern concern among law firms, as the war delivers the loudest reminder yet to both firms and their clients that they must be prepared.

Given the increased friction between Russia and the West could put firms at risk, said Peter Craddock, a Brussels-based partner at Keller & Heckman focusing on privacy and cybersecurity.

“Coupled with the sanctions, this has put a bigger target on Western organizations and authorities than previously, simply because there’s that potential for retaliation,” he said.

He stressed that the current crisis is a “clear reminder” that organisations should be prepared.

“It doesn’t matter if it’s in this context – the war in Ukraine – or another context; it is going to happen,” he said. “Some of the biggest attacks we had over the past year, Colonial Pipeline for instance, had nothing to do with world events. They were just interesting targets.”

Craddock noted that law firms can be particularly interesting given the sensitive material they tend to hold, such as business dealings, confidential processes shared with law firms for evaluation, or upcoming transactions that could affect share prices.

“All sorts of confidential information is being shared with law firms on a daily basis,” he said. As such, they have must put in “a significant effort” to ensure their systems are properly tested  and stay up-to-date.

Finally, Craddock said it was important to keep aware that even when a business is not directly targeted, the fallout can still cause indirect impact through the supply chain or infrastructure.

Examples such as the NotPetya virus unleashed by Moscow against Ukraine in 2017 quickly spread around the world, infecting multinational companies such as global shipping company Maersk, pharmaceutical giant Merck, and FedEx’s European subsidiary, among others.

In Italy, Stefano Mele, a partner at Gianni & Origoni specializing in ICT, privacy and cybersecurity law, said that the risk at this very moment is low, with Russia occupied by real armed conflict, but warns that there is a real risk of future danger, such as retaliatory attacks.

“If the financial market crisis, the heavy sanctions imposed and the fact that multinationals are abandoning Russia are considered, different risks for European companies can be underlined,” he said. “In this context, the risk of cyber-attacks by Russia and its proxies is high, especially in response to economic sanctions,” he said. 

According to Mele, European private and public entities are particularly at heightened risk. 

“Indeed, an increase in economic extortion to generate revenue to compensate for economic impacts should be seen, as well as retaliatory attacks that are focused on inflicting widespread or targeted economic harm and other disruption,” he said.

The Italian partner also emphasized that risks can spread through a supply chain: “It is important to highlight that the consequences of cyber-attacks can affect also the suppliers of the attacked actor,” he said.

Mele agreed that law firms are at the forefront of supporting and advising companies in dealing with cybersecurity incidents, particularly in terms of privacy, IT and cybersecurity.

He noted that it is often the “frantic hours following a cyber-attack” that require prompt but careful attention, advising on companies’ and boards’ obligations and supporting decision-making which needs to be made and implemented in a very short time frame.

The digital borderless nature of cyber issues also means, as Mele noted, that firms providing advice in this area, such as Gianni & Origoni, must increasingly assist clients not only in the compliance with the national and European cybersecurity regulations, but in concert with major national and multinational players and considerations.

In Germany, lawyers at Noerr said the German Federal Office for Information Security (BSI) reported an increased “abstract” risk, rather than specific risk associated with the war, but this has nevertheless prompted clients to seek advice on preparation measures.

“We haven’t seen any increase of cyberattacks in the last three weeks, and we do not have any indications that it will go that way,” Daniel Rücker, a Noerr partner specialised in data protection and IT law, said. 

“There’s this abstract increased risk, but it hasn’t been realized, at least, so far – it may change any day,” he said. “Nevertheless, we’ve received requests from clients who saw the BSI warning and are seeking support for dealing with cyberattacks, should they occur, as best as possible.”

In that sense, Rücker saw this as a positive response from business, as, in general, many (but not all) companies still have much work to do in improving their cyber resilience. 

“Often, there is quite some room for improvement,” he said. 

In that respect, law firms are able to support businesses in various capacities regarding cybersecurity.

“You need guidelines on all the relevant legal aspects, and this is what we are currently doing for several clients,” Rücker said. “A framework is necessary, which includes employees being instructed on each and every aspect and on how they’re supposed to act in certain scenarios. Such as a data breach policy, which outlines, in detail, strict guidelines, step-by-step.”

“You can plan for these scenarios, and you can plan communication strategies, at least on a high level,” he said.

Comments are closed.