Hackers threaten to leak data from legal services firm
Hackers from a cyber-crime collective have targeted a legal services firm and top-tiered clients in a ransomware attack, warning the firm to give into their demands within seven days or risk a leak of their ransomed data.
Legal services firm Law In Order confirmed that it had been the victim of a ransomware attack from an international cyber-crime group that has forced it to limit access to online networks and put a stop to its business operations. The firm was told it had seven days to respond to demand before more of its data is released on the dark web.
Hacking group NetWalker has taken responsibility for the attack and has uploaded the demands and a snippet of what it claimed was the stolen data along with extracts from Law In Order’s website. From screenshots obtained on social media, the firm had just over six days to respond to the demands, starting Tuesday, 24 November.
In an update released on the firms’ site – which is currently unstable as it manages the attack – it noted: “We are investigating the extent to which information contained in our system, including sensitive personal information, has been affected.”
“At this stage, we have seen no evidence of data exfiltration nor anything that indicates Law In Order’s customers’ networks have been compromised,” it said.
Based on testimonials from the site, the legal services firm has clients from global and top-tiered firms as well as royal commissions. Signing off on several of the testimonials were staff from Slater and Gordon, Allen & Overy, HWL Ebsworth and Hall & Wilcox.
According to online sources, NetWalker works by stealing data and leaking folders full of screenshots to “prove” it has the information. It then will threaten to release the rest of the data if demands aren’t met. During 2020, the hacking group has been known to use the pandemic against victims by tricking them into clicking on email attachments.
Law In Order said it engaged cyber-security investigators and advisers to work with its IT team so it can understand the full scope of the incident before it brings its networks back online safely and quickly. The legal services firm is also working closely with the Australian Federal Police and with the Australian Cyber Security Centre.
“We are making progress; however, it is important we do this methodically and safely, as we work to resume normal business operations,” the firm said.