Cybercriminals target 50 BigLaw firms for phishing attacks seeking corporate deal info

  • Print


Image from Shutterstock.

A would-be securities fraud broker has spotlighted methods used in attempts to penetrate law firm computer systems, by seeking help with his project on a cybercriminal forum, authorities say.

A post earlier this year by “Oleras,” who lives in the Ukraine, outlined a plan to target nearly 50 BigLaw firms, most of them based in the U.S., in an attempt to get hold of documents that reveal information about pending corporate deals, Crain’s Chicago Business (sub. req.) reports.

Offering to pay a hacker $100,000 plus half the profits after the first $1 million, the broker outlined a plan to do keyword searches in law firm computer networks for documents likely to contain merger information. But first the hacker would have to get access to the law firm computer networks, and to do that the broker apparently suggested spear-phishing attacks on employees whose names, email addresses and social media account information were provided.

In another post, Oleras listed eight attorneys at major firms to target in a different phishing attack. It would purportedly seek to profile the lawyers in a trade magazine article on top mergers and acquisitions practitioners, the Crain’s article says.

After tricking individuals into handing over personal login information, a hacker can peruse the target’s email account for deal-related information, Tom Ricketts told the Am Law Daily (sub. req.). Although not involved in the Oleras probe, the Aon Risk Solutions senior vice president and executive director helps law firms with cyberinsurance and says they need to be on the alert for such incidents.

“More firms absolutely must take this incredibly seriously,” Ricketts said of Oleras-type tactics. “This is a major threat.”

Security firm Flashpoint pointed to the Oleras problem in an alert last month, which was followed by an alert by the FBI earlier this month, the Crain’s article says.

There appears to be no confirmation, at this point, that any of the potential law firm phishing attacks Oleras discussed were successful.

However, a Wall Street Journal (sub. req.) article says a number of major law firms, including Cravath Swaine & Moore, have suffered computer system breaches that are being investigated by the FBI and the Manhattan U.S. attorney’s office to determine whether material was stolen for insider-trading schemes.

The article relies on unidentified sources for this information. Cravath said a “limited breach” occurred last summer but the firm is “not aware that any of the information that may have been accessed has been used improperly.”

Related coverage: “Help wanted: Insider trader seeks hacker to access law-firm networks” “Red flag in email scams: ‘Have you already been contacted by (insert lawyer name)?’”

See also: “Associate Charged in Alleged $32M Insider Trading Scheme Involving 3 BigLaw Firms” “Fired Simpson Thacher managing clerk is indicted, accused of surfing firm computers for merger info”

Give us feedback, share a story tip or update, or report an error.