Unidentified hax0rs told not to blab shipping biz Clarksons' stolen data
Fat lot of good an injunction will do against unknown cybercrims
British shipping company Clarkson plc has obtained an injunction against hackers who broke into its IT systems, slurped a load of data and then tried to blackmail the business.
The judgment, handed down by High Court judge Mr Justice Warby earlier this week, orders the unknown hackers not to publish the stolen data and to pay Clarksons' legal costs.
As we reported last November, Clarksons confessed to the world that it had been hacked and said the public should expect the stolen data to become public, though it did not answer our questions at the time about whether that data included customer details.
Further information about the stolen Clarksons data has not emerged since the company's public warning, suggesting the hackmailers gave up after Clarksons refused to play along.
This is all academic as the hackers have seemingly remained completely anonymous, except for the email address which they used to threaten the firm. The judge, however, went through the motions anyway, ruling:
"The reason the defendant(s) have not appeared to respond to the claim and the application is, most likely, that they have no wish to identify themselves as the perpetrators of the apparent blackmail."
Clarksons boasts on its website that it is "the world's leading provider of integrated shipping services, bringing our connections and experience to an international client base". In 2016 the business turned over £306.1m.
High Court injunctions against publication were designed for the era when embarrassing info was going to be spread around by people armed with a physical printing press who were relatively easy to track down. In the age of the internet it's notoriously difficult to tell who is behind hacks that only state-sponsored attackers have the ability to carry out.
Yet, short of the hackers being positively identified at some point in the future, it is difficult to see what the injunction will achieve from a justice point of view.
After all, gaining unauthorised access to computer systems has been illegal for decades – and, by definition, criminals do not obey the law. ®