www.helpnetsecurity.com Open in urlscan Pro
34.214.48.115  Public Scan

Submitted URL: http://link.kirkhamirontech.com/ls/click?upn=NvqH0RkeKm-2BKIv1cx2MIE8qijHAQlxqaYLO0DFfVMFejsVIR-2FDdYeZbmiurGN5-2FYQoes2Oqo4LN8D...
Effective URL: https://www.helpnetsecurity.com/2016/03/31/hackers-breaching-law-firms-for-insider-trading-info/
Submission: On August 04 via api from US — Scanned from DE

Form analysis 1 forms found in the DOM

POST

<form id="mc4wp-form-1" class="mc4wp-form mc4wp-form-244483 mc4wp-ajax" method="post" data-id="244483" data-name="Footer newsletter form">
  <div class="mc4wp-form-fields">
    <div class="hns-newsletter">
      <div class="hns-newsletter__top">
        <div class="container">
          <div class="hns-newsletter__wrapper">
            <div class="hns-newsletter__title">
              <i>
                        <svg class="hic">
                            <use xlink:href="#hic-plus"></use>
                        </svg>
                    </i>
              <span>Cybersecurity news</span>
            </div>
          </div>
        </div>
      </div>
      <div class="hns-newsletter__bottom">
        <div class="container">
          <div class="hns-newsletter__wrapper">
            <div class="hns-newsletter__body">
              <div class="row">
                <div class="col">
                  <div class="form-check form-control-lg">
                    <input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="520ac2f639" id="mcs1">
                    <label class="form-check-label text-nowrap" for="mcs1">Daily Newsletter</label>
                  </div>
                </div>
                <div class="col">
                  <div class="form-check form-control-lg">
                    <input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="d2d471aafa" id="mcs2">
                    <label class="form-check-label text-nowrap" for="mcs2">Weekly Newsletter</label>
                  </div>
                </div>
              </div>
            </div>
            <div class="form-check form-control-lg mb-3">
              <input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="28abe5d9ef" id="mcs3">
              <label class="form-check-label" for="mcs3">(IN)SECURE - monthly newsletter with top articles</label>
            </div>
            <div class="input-group mb-3">
              <input type="email" name="email" id="email" class="form-control border-dark" placeholder="Please enter your e-mail address" aria-label="Please enter your e-mail address" aria-describedby="hns-newsletter-submit-btn" required="">
              <button class="btn btn-dark rounded-0" type="submit" id="hns-newsletter-submit-btn">Subscribe</button>
            </div>
            <div class="form-check">
              <input class="form-check-input" type="checkbox" name="AGREE_TO_TERMS" value="1" id="mcs4" required="">
              <label class="form-check-label" for="mcs4">
                <span>I have read and agree to the <a href="https://www.helpnetsecurity.com/newsletter/" target="_blank" rel="noopener" class="d-inline-block">terms &amp; conditions</a>
                </span>
              </label>
            </div>
          </div>
        </div>
      </div>
    </div>
  </div><label style="display: none !important;">Leave this field empty if you're human: <input type="text" name="_mc4wp_honeypot" value="" tabindex="-1" autocomplete="off"></label><input type="hidden" name="_mc4wp_timestamp"
    value="1691154964"><input type="hidden" name="_mc4wp_form_id" value="244483"><input type="hidden" name="_mc4wp_form_element_id" value="mc4wp-form-1">
  <div class="mc4wp-response"></div>
</form>

Text Content

searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle
upmagazine plus
 * News
 * Features
 * Expert analysis
 * Videos
 * Events
 * Whitepapers
 * Industry news
 * Product showcase
 * Newsletters

 * 
 * 
 * 


Zeljka Zorz, Editor-in-Chief, Help Net Security
March 31, 2016
Share


HACKERS BREACHING LAW FIRMS FOR INSIDER TRADING INFO



Two of the most prestigious law firms in the US, best known for their financial
services and corporate practices, have had their computer networks compromised
by hackers.



According to the WSJ, the FBI is investigating breaches at Cravath Swaine &
Moore LLP and Weil Gotshal & Manges LLP, trying to ascertain whether the
attackers managed to access information that could have helped them with their
insider trading efforts.


WARNINGS ARE SENT OUT

Apparently, other law firms have been targeted as well – so many, in fact, that
the FBI sent a warning to law firms about the attacks.

“The FBI has issued a Private Industry Notification to law firms indicating that
a cyber crime insider trading ring is targeting ‘international law firm
information used to facilitate business ventures,'” shared Linn Foster Freedman,
a litigator who leads Robinson+Cole’s Data Privacy and Security Team.

“According to the FBI ‘the scheme involves a hacker compromising the law firm’s
computer networks and monitoring them for material, non-public information… This
information, gained prior to a public announcement, is then used by a criminal
with international stock market expertise to strategically place bids and
generate a monetary profit,'” she noted.

Apparently, a criminal actor has recently posted a job offer on a cyber criminal
online forum for hackers who could gain “sustained access to the networks of
multiple international law firms.”

Iin February, a post on an underground Russian website was made by an individual
looking to get hired for his phishing skills, and in the posting he pointed out
specific law firms as potential targets.

The investigation into these attacks has been going on since last year, and the
breach at Cravath Swaine & Moore LLP dates back to last summer, so this might be
an attack campaign that has been going on for a while.

In the meantime, security firm Flashpoint has also been warning law firms about
possible attacks, and information on these attacks has also been propagated
through the Financial Services Information Sharing and Analysis Center
(FS-ISAC).

“The discovery of these breaches is yet another example of how exposed
professional organizations truly are,” says Adam Levin, chairman of IDT911.

“The bad guys gained privileged access by way of stolen credentials, infected
computers with malware, monitor activity, collect information and then use it
for their financial gain. The FBI is currently investigating to determine
whether confidential information was stolen for the purpose of insider trading.
Unfortunately, it is equally likely that employee and client records were also
accessed,making them prime targets for further spear phishing and social
engineering attacks.”

He advises lawyers or staff members who may have been exposed to be
hyper-vigilant about monitoring accounts for fraudulent activity.

“They must not click on any links or attachments in emails without confirming
the authenticity of the sender, change passwords for potentially compromised
accounts and update security programs to protect personal data,” he noted.

“Professional organizations need to acknowledge their constant state of
vulnerability and radically change their corporate culture by implementing more
sophisticated security protocols, stepping up employee awareness training
programs and adopting robust damage control programs that can limit the
inevitable fallout from events such as these.”


WHY LAW FIRMS?

Law firms are ideal targets for insider traders, as they usually hold trade
secrets and other sensitive information about corporate clients.

But they are not the only ones that have this kind of info. Last August, the US
Securities and Exchange Commission announced civil fraud charges against 32
individuals – 2 hackers and 30 traders – who allegedly hacked into newswire
services (Business Wire, PR Newswire, Marketwired) to obtain nonpublic
information about corporate earnings announcements, and used that information to
place illicit trades in stocks, options, and other securities.

The hackers and some of those traders have also been hit with criminal charges
tied to the scheme.

Dodi Glenn, VP of cyber security at PC Pitstop, says that we are seeing a large
spike in corporate law firms – specific to patent and IP attorneys – being
breached, and that there are a couple reasons why.

The first one is getting confidential information of insider trading. “Secondly,
these law firms house email addresses of critical, and sometimes high level
executive management, at very large organizations. Lists can be compiled and
sold on the black market for hackers looking to try phishing attacks, which are
often designed to steal PII or have financial transactions illegally conducted,
such as wire transfers, etc.”




More about
 * cyber espionage
 * cybercrime
 * data theft
 * FBI
 * law firms

Share this

FEATURED NEWS

 * Google makes removal of personal user info from Search easier
 * August 2023 Patch Tuesday forecast: Software security improvements
 * Multi-modal data protection with AI’s help

Free entry-level cybersecurity training and certification exam


SPONSORED


EBOOK: 9 WAYS TO SECURE YOUR CLOUD APP DEV PIPELINE


FREE ENTRY-LEVEL CYBERSECURITY TRAINING AND CERTIFICATION EXAM


GUIDE: ATTACK SURFACE MANAGEMENT (ASM)




DON'T MISS


GOOGLE MAKES REMOVAL OF PERSONAL USER INFO FROM SEARCH EASIER


AUGUST 2023 PATCH TUESDAY FORECAST: SOFTWARE SECURITY IMPROVEMENTS


MULTI-MODAL DATA PROTECTION WITH AI’S HELP


THE DIRECT IMPACT OF CYBERATTACKS ON PATIENT SAFETY AND CARE DELIVERY


RUSSIAN APT PHISHED GOVERNMENT EMPLOYEES VIA MICROSOFT TEAMS




Cybersecurity news
Daily Newsletter
Weekly Newsletter
(IN)SECURE - monthly newsletter with top articles
Subscribe
I have read and agree to the terms & conditions
Leave this field empty if you're human:

© Copyright 1998-2023 by Help Net Security
Read our privacy policy | About us | Advertise
Follow us
×