Can Lady Gaga and Madonna get people to take security seriously?
Wednesday, May 13, 2020
The holding to ransom of a business that very few people have ever heard of rarely makes the mid-afternoon news bulletin on BBC Radio 2, but the mainstream media was prepared to make an exception in the case of NYC-based law firm Grubman Shire Meiselas and Sacks, which has been attacked by Gold Southfield, the cyber crime group behind the REvil/Sodinokibi ransomware strain. Why might this be?
Ilia Kolochenko, founder and CEO of web security specialist ImmuniWeb, said such law firms are almost irresistibly vulnerable to cyber criminals.
“Law firms are increasingly becoming desirable targets of sophisticated cyber gangs,” he said. “It is often much easier and faster to breach a mid-sized law firm to get ultra-confidential data compared to targeting its large clients directly, such as banks or celebrities, as reportedly happened in this case.”
Kolochenko said that, in general, he saw little interest among legal firms in prioritising investment in things that can ward off a ransomware attack before any damage is done, such as basic cyber resilience and defence, staff training, or incident detection and response.
“Worse, modern law firms have to deal with diversified digital flow of sensitive and privileged data on their mobile phone, laptops and office computers,” he said. “Partners and clients exacerbate this convoluted landscape by uploading confidential documents to public cloud or file-sharing websites.”
SC Media: REvil hackers extort law firm with Lady Gaga, Nicki Minaj, Elton John as clients
Silicon UK: Celebrity Law Firm Hacked, Attackers Threaten To Leak Stolen Data