IEyeNews

iLocal News Archives

Dozens of big US firms targeted by hacker seeking M&A info

phishingBy Nell Gluckman, from The Am Law Daily

For several years law firms have been a key target for hackers seeking to obtain confidential information about initial public offerings, intellectual property and M&A deals, claim cybersecurity consultants, but rarely does word about specific attacks become public.

On Tuesday, Crain’s Chicago Business reported that 48 top firms, most of which appear in the Am Law 100 rankings, were targeted recently by a Russian hacker living in Ukraine seeking to trade on M&A information stolen from law firms.

According to Crain’s, a cybercriminal named “Oleras” shared a plan to hack those firms on a cybercriminal forum in an attempt to solicit help from other hackers. The hacker named firms such as Akin Gump Strauss Hauer & Feld, Kirkland & Ellis, Sidley Austin and Sullivan & Cromwell as potential targets, according to the report.

The Am Law Daily reached out to several of the firms listed by Flashpoint, all of whom either declined to comment or did not answer requests to do so.

A spokeswoman for Seattle-based Flashpoint said that all the information “has been turned over to authorities, and they’re handling the investigation at this time.” An FBI spokeswoman declined to comment.

Tom Ricketts, a senior vice president and executive director at Aon Risk Solutions, a unit of insurance brokerage giant Aon plc, which has helped more than 60 law firms buy cyberinsurance within the last two years, said this type of incident is not uncommon.

“More firms absolutely must take this incredibly seriously,” said Ricketts, who was not involved in the attempted attack by the so-called Oleras. “This is a major threat.”

Ricketts said that hackers will typically pose as someone they’re not and send emails to firm employees and partners that are meant to trick the recipient into handing over their login credentials. The hackers can then peruse their victim’s emails for information about pending business transactions that a firm’s clients are involved in.

Ricketts said these scams, known as phishing attacks, have become increasingly sophisticated. Hackers no longer need to send out thousands of spam emails in the hope that one or two careless people will click on a nefarious link. Ricketts said he was involved in an incident recently in which the hacker sent 70 emails and got four hits in response.

The security firm FireEye Inc. published a report detailing the methods used by one group, calling itself “Fin4,” which uses phishing attacks to obtain M&A information. The group’s fake emails are written in perfect English, use investing terminology and often “play up shareholder and public disclosure concerns,” the report said.

Of the more than 100 companies targeted by this group, 20 percent were law firms, according to Milpitas, California-based FireEye. In some instances, the hackers were able to inject themselves into email threads between company employees.

On March 3, the FBI released a notification about the threat posed by the cybercriminal who was trying to hire other hackers to help gain access to law firms, Bloomberg Big Law Business reported at the time. The notification advised firms to educate personnel about the threat of cyberattacks and to carefully scrutinize all emails, the report said. 

Knowledge of the tools used by hackers often isn’t enough. Last year Russian hackers gained access to sensitive U.S. Department of Defense servers through phishing attacks that duped security professionals into clicking on emails containing malicious code, according to a report by CNET, which noted that hackers also found their way into the personal email account of John Brennan, the director of the CIA.

showWall (checkPLAC): subscriptionID (checkPLAC): userStateString from CheckPLAC : ClientFromValidReferrerAllowedAccessToFreeWithRegContent allowAccess from CheckPLAC: false lexisWallOverride from CheckPLAC: false interactiveList size: 0

For more on this story go to: http://www.americanlawyer.com/id=1202753597574/Dozens-of-Big-Firms-Targeted-by-Hacker-Seeking-MA-Info#ixzz44UXVIgg2

LEAVE A RESPONSE

Your email address will not be published. Required fields are marked *