Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Hackers' dupes could face legal threat

From: InfoSec News <isn () C4I ORG>
Date: Thu, 15 Feb 2001 02:21:16 -0600
http://www.computerweekly.com/cwarchive/daily/20010214/cwcontainer.asp?name=C1.HTML&SubSection=6&ct=daily

Will Garside
14 February 2001

Companies whose computer systems are hijacked for denial of service
attacks are at increasing risk of being sued by the injured parties.

The Internet law practice at solicitors Barlow, Lyde and Gilbert has
reported a doubling in the number of clients seeking advice on legal
action against the sources of these attacks over the last six months.

Kitt Burden, senior partner at the London solicitors, said, "I'd like
to think this was just a case of us becoming increasingly sought after
but I think the increase is indicative of a more general trend."

Burden's warning comes within a week of a denial of service attack
that blocked access to several Microsoft Web sites. It also coincides
with the Anna Kournikova virus, which is spreading from computers at
one server to another using the same Visual Basic scripting technique
as last year's infamous Love Bug virus.

Burden said, "We have seen several recent incidents where our clients
have threatened legal action against trading partners who have been
the cause of a security breach or virus infection. All of these cases
have been settled out of court, primarily [because of] the unwanted
publicity connected with court cases."

Barlow, Lyde and Gilbert's clients include major companies with
technology interests such as PricewaterhouseCoopers, Cap Gemini Ernst
& Young, and ICL.

Security risks have also prompted increased interest in insurance
polices, according to Robert Goldhawk, a senior insurance underwriter
at Lloyds syndicate Hiscoxs.

"UK businesses are not prepared for the fallout of a major e-business
loss of service or security problem. We have received more requests
for Internet insurance but we cannot extend a policy unless the
customer can prove they have continual security procedures with
contingency planning. This is essentially a risk management exercise
but many companies are not in a position to comply."

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".
Previous By Date Next
Previous By Thread Next

Current thread: