PETYA CYBER-ATTACK: PRELIMINARY LEGAL IMPLICATIONS
As reported by the media, Oschadbank, Ukrposhta, Boryspil Airport, Kharkiv Airport, Ukrgasbank, OTP Bank, Ukrtelecom, Ukrzaliznytsia, Nova Poshta, Vodafone, Lifecell, DTEK, Kyiv Metro are among numerous companies which have been subsequently paralyzed.
Given unexpected, unprecedented and massive impact of the attack, confusion quickly shifted to fighting the immediate consequences of the attack. Both business and government acted in a swift way and the reactions included:
- on 4 July 2017 the Government approved draft amendments to the Tax Code of Ukraine whereby the taxpayers should be released from penalties for untimely registration VAT-invoices issued during 1 June to 15 June 2017 caused by the cyber-attack. Currently the Parliament is expected to vote for the mentioned draft amendments;
- the business, as reported, (i) filing applications to police for initiation criminal investigation with respect to cyber-attack, and (ii) working on restoring damaged files and networks and solutions to enhance its IT security;
- Ukrainian Chamber of Commerce and Industry is reported to agree to acknowledge Petya cyber-attack as a force-majeure event subject to compliance with the approved procedure of its confirmation by the proper evidences; and
- new case law / court practice with respect to force-majeure events and release from liability for damages caused by the recent attack is expected to be approved soon.
Regardless of the above changes in legislation and business environment, it is worthy of mentioning security measures, which may minimize risks and negative consequences if cyber-attacks take place in future, including:
- use licensed software;
- use anti-virus solutions;
- review the wording of the force-majeure clauses to make sure that cyber-attack is expressly listed as an event of force-majeure;
- prepare in advance IT security policies addressing: (i) actions if a company undergoes cyber-attack, and (ii) procedure of collecting evidences of a cyber-attack;
- pay attention to cyber-security, engage professional advisors and service providers in advance to ensure your business is properly protected.
- make sure to implement protective measures, including a disaster recovery plan. Implement procedures which should be closely followed in case of a crisis. Clarify liabilities and potential consequences with your advisors and service providers.
If you have any questions, please feel free to contact Oleksandr Liulkov, Managing Partner Ukraine (email@example.com; M: +380 67 729 9896)
This Legal Alert contains general information only, and Magnusson is not, by means of this document, rendering legal, tax, or other professional advice or services. This document is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect finances or business. Before making any decision or taking any action that may affect business, it is recommended to engage a qualified professional adviser.
MAGNUSSON TO PARTICIPATE IN ENTERPRISE2019 TECHNOLOGY ENTREPRENEURSHIP EVENT
Magnusson will be represented in the Enterprise2019 Technology Entrepreneurship event held in Oulu on Wednesday, 6 November 2019.read more
MAGNUSSON WARSAW ADVISES VASTINT POLAND ON THE SALE OF FOUR OFFICE BUILDINGS IN POZNAŃ
Magnusson Warsaw represented Vastint Poland in the process of selling the first stage of Business Garden Poznań. The Singaporean fund Cromwell European REIT became the new owner of the property.read more
MAGNUSSON ADVISED VON ELK COMPANY LTD
Magnusson advised Von Elk Company, known for Glöet, the most popular sparkling glögg in the Nordic countries, on its cooperation with Altia, a leading Nordic alcoholic beverage brand company operating in the wines and spirits markets in the Nordic and Baltic countries.read more
Amendments made to the AML Law
Amendments have been made to the Law on the Prevention of Money Laundering and Terrorism and Proliferation Financing, also known as the AML Law. The amendments are a part of Latvia’s attempts to comply with the legal acts of the European Union and to overcome the country’s weaknesses as stated in the Moneyval 2018 report. Taking into account the recent activities in terrorism and proliferation financing, an effective anti-money laundering system is essential in order to improve the finance sector and the country’s reputation on a global platform.read more