Energy 5 July, 2017 9:00 am   
COMMENTS: Mateusz Gibała

Cyber attacks – are we at risk of losing control over data?

More and more often, global hacker attacks, like the one where the Petya virus was used, are paralyzing computers in, among others, Great Britain, Holland and Ukraine. The attacks also took place in Poland, which is why the Polish Prime Minister convened the meeting of the emergency team, writes Jakub Sierakowski, expert of seCrypt®

It is plain that the situation is serious and the attacks pose a threat not only to the security of large companies or government bodies, but also to every citizen. In case of companies that handle sensitive data, business secrets or personal data databases, the consequences may be serious. In the face of a cyber attack, hackers may extort money from such an entity, which can be exposed to multi-million losses related to downtime or potential penalties for insufficient protection of personal data.

The phenomenon of terrorism in the world wide web is becoming more prevalent and no longer pertains to large companies or governments only, but also to small businesses. In 2015 there were 4 million of such attacks, while in 2016 there were 638 million. And one can assume that this issue will become more widespread in the increasingly computerized world. It needs to be stressed that usually it is the small businesses and public institutions like schools, hospitals or primary health centers are more susceptible to the dire consequences of hacker attacks. Low budget and weak IT infrastructure as well as lack of their own IT department, make the level of data protection in those places insufficient. This is where an additional problem appears. Both the Polish law, as well as the EU General Data Protection Regulation (GDPR), which will enter into force in less than a year, will impose strict penalties for the lack of due diligence when it comes to protecting personal data.

Non-compliance with procedures ensuring personal data protection may lead to a fine, deprivation of liberty or imprisonment for up to 2 years. The sanctions imposed by the EU regulator are even more harsh, they include an administrative penalty of up to EUR 10 million or 2% of worldwide turnover and EUR 20 million, or 4% of worldwide turnover for failing to secure data. Public institutions or small businesses may not be able to handle such a serious burden. The risk is not worth taking, especially considering the fact that the risk of a data breach is increasing and becoming more real every month.

This is why it is important to protect digital data by using the best option that is currently available – encryption, which ensures maximum protection. Local file encryption, and fire encryption together with saving them in an encrypted cloud, not only makes it impossible to read the stolen data, but also allows to recover the data from the cloud. It is also worth noticing that such a provision fulfills all legal requirements of personal data protection. Thanks to that it allows to protect oneself against losses caused by a hacker attack and avoid financial sanctions as well as legal responsibility.