What began as targeted attack against a regional rival soon morphed into a global campaign that wreaked havoc on dozens of companies around the world.
After the malware rendered 1,700 servers and 24,000 laptops "Permanently dysfunctional," Mondelez submitted a $100 million property insurance claim, citing their coverage for "Physical loss or damage to electronic data, programs or software, including physical loss or damage caused by the malicious introduction of a machine code or instruction." Zurich, their insurer, refused to pay, citing an exclusion for "Hostile or warlike action in time of peace or war... by any government or sovereign power, military, naval or air force, or agent or authority of any party specified above." Mondelez is suing, putting an Illinois state judge in the unusual role of interpreting the law of armed conflict.
The Illinois court may rely not only on statements made by the U.S. and U.K. governments condemning Russia for these attacks, but also on the forensic analyses of private companies, including those based overseas.
ADVERTISEMENT. But even if the statements of Western governments and researchers are enough to convince courts of Russia's wrongdoing, does such an attack rise to the level of "Hostile or warlike action"? And if so, are victims of previous attacks publicly attributed to nation-states - like the North Korean attack on Sony or the Iranian attack on the Las Vegas Sands Corporation - in a similar position?
One nation's covert influence operation might be another's attack on election infrastructure.
We don't expect companies to defend themselves against nation-state attacks; we don't expect corporate guards to carry shoulder-launched rockets to defend against an air attack from a hostile nation.
We expect the cyber equivalent from every company in our nation.
https://thehill.com/opinion/cybersecurity/430608-what-does-cyberwar-look-like-were-about-to-find-out-but-from-an
After the malware rendered 1,700 servers and 24,000 laptops "Permanently dysfunctional," Mondelez submitted a $100 million property insurance claim, citing their coverage for "Physical loss or damage to electronic data, programs or software, including physical loss or damage caused by the malicious introduction of a machine code or instruction." Zurich, their insurer, refused to pay, citing an exclusion for "Hostile or warlike action in time of peace or war... by any government or sovereign power, military, naval or air force, or agent or authority of any party specified above." Mondelez is suing, putting an Illinois state judge in the unusual role of interpreting the law of armed conflict.
The Illinois court may rely not only on statements made by the U.S. and U.K. governments condemning Russia for these attacks, but also on the forensic analyses of private companies, including those based overseas.
ADVERTISEMENT. But even if the statements of Western governments and researchers are enough to convince courts of Russia's wrongdoing, does such an attack rise to the level of "Hostile or warlike action"? And if so, are victims of previous attacks publicly attributed to nation-states - like the North Korean attack on Sony or the Iranian attack on the Las Vegas Sands Corporation - in a similar position?
One nation's covert influence operation might be another's attack on election infrastructure.
We don't expect companies to defend themselves against nation-state attacks; we don't expect corporate guards to carry shoulder-launched rockets to defend against an air attack from a hostile nation.
We expect the cyber equivalent from every company in our nation.
https://thehill.com/opinion/cybersecurity/430608-what-does-cyberwar-look-like-were-about-to-find-out-but-from-an
No comments:
Post a Comment