Arbitration website hack is likely the work of Chinese hackers, cyberthreat group says
Image from Shutterstock.
A page on the Permanent Court of Arbitration’s website was hacked earlier this month, and the culprits are likely Chinese hackers, according to a cyberthreat research team called ThreatConnect.
ThreatConnect’s claim of the hack was confirmed by a source close to the Permanent Court of Arbitration, the Am Law Daily (sub. req.) reports.
The accessed page concerned disputed Chinese claims to waters in the South China Sea. Foley Hoag represents the Philippines in the case.
According to ThreatConnect, the hackers exploited a vulnerability in Adobe’s Flash Player software that could have allowed remote access to interested parties that accessed the website, if those parties used the Windows operating system and Adobe Flash Player.
The Am Law Daily explains the hack this way: “The strategy is known as a ‘watering hole’ attack, because the hackers’ end goal is to access the creatures who are predictably drawn to sip at the watering hole. In this case, Philippines counsel Foley Hoag … would presumably play the role of the thirsty gazelle.”
FireEye Inc. chief privacy officer Shane McGee agreed with ThreatConnect’s assessment that the hackers were probably the Chinese. McGee added that China “has a history of compromising law firms.”
“They are looking for IP, for bid data, for who’s talking to who, and who’s using whose satellites,” McGee told the Am Law Daily. “China’s hacking everybody all the time. They want to be one step ahead in litigation, in arbitration, in M&A. They’re the 800-pound gorilla of the hacking scene.”