Judge: IT company is not responsible for cyber attack on Hof van Twente


A judge has ruled that IT company Change does not have to pay the compensation of 4 million euros demanded by Hof van Twente in connection with the ransomware attack in 2020. The judge believes that the municipality itself had failed and that Change did not act negligently.

The judge states that Hof van Twente itself opened the RDP port to the internet, set the easy-to-guess password ‘Welcome2020’, and had not activated two-step verification. As a result, the municipality itself was responsible for the ransomware attack, the judge ruled. In addition, neither the firewall rule changes nor the password change were reported to the IT company, Change IT Options. The municipality itself required the highest administrative rights, which is why Change had already warned in advance that it ‘cannot be held responsible for the consequences of the own actions of the staff of the municipality’.

The IT provider had ensured sufficient security, the court stated, and thus complied with its contractual agreements. The contract did not explicitly state that the provider was obliged to report security risks, but it did state that it was required to detect signs of dangerous situations. “It has been explicitly agreed that proactive monitoring only concerns the functioning of the servers, storage and network facilities. Unauthorized login attempts and/or a brute force attack will only be reported in functional monitoring if they affect the capacity, performance and availability of the The municipality has stated that this was the case here, but has not substantiated it.”

In December 2020, a ransomware gang managed to gain access to the municipality’s systems by way of a brute force attack; the systems were infected with ransomware and subsequently rendered unusable. The group then demanded 750,000 euros in ransom. Hof van Twente refused to pay and, according to the municipality, it has lost its entire IT infrastructure. Hof van Twente stated that tens of thousands of login attempts were made on the servers of the municipality that were not noticed by Change, and therefore demanded compensation of 4 million euros.