therecord.media
Open in
urlscan Pro
2606:4700:4400::6812:20b5
Public Scan
URL:
https://therecord.media/german-national-bar-association-investigating-cyberattack
Submission: On August 24 via api from TR — Scanned from DE
Submission: On August 24 via api from TR — Scanned from DE
Form analysis 1 forms found in the DOM
<form><span class="text-black text-sm icon-search"></span><input type="text" name="s" placeholder="Search…" value=""><button type="submit">Go</button></form>Text Content
This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy. Accept * Leadership * Cybercrime * Nation-state * People * Technology * Mobile App * About * Podcast * Contact Go SUBSCRIBE TO THE RECORD Subscribe The Federal Administrative Court in Leipzig, Germany. Credit: bverwg.de Jonathan GreigAugust 18th, 2023 * News * Industry * Cybercrime * * * * * Get more insights with the Recorded Future Intelligence Cloud. Learn more. GERMANY’S NATIONAL BAR ASSOCIATION INVESTIGATING RANSOMWARE ATTACK A bar association representing German lawyers nationwide is investigating a cyberattack on its office in Brussels. The German Federal Bar (BRAK) Association discovered the attack on August 2. The group is an umbrella organization overseeing 28 regional bars across Germany and representing about 166,000 lawyers nationally and internationally. On Monday, the NoEscape ransomware group claimed it attacked the organization after BRAK announced last week that it was investigating a cyberattack. The organization did not respond to requests for an update on the situation, instead referring Recorded Future News to last week’s news release. In the statement they said they were working with a forensic firm to investigate the ransomware attack, which was discovered on August 2, on its Brussels office. They have been able to restore access to their email system and plan to contact anyone who had data accessed during the incident. “The Brussels office… fell victim to a criminal cyberattack, which led to a failure of the IT systems,” they wrote. Once discovered, “all network connections were immediately severed.” “BRAK is currently working with an external service provider for IT security on a forensic analysis of the IT systems in order to clarify the incident and repair the damage… BRAK reported the incident to the Federal Commissioner for Data Protection and is in contact with the Belgian police, the Berlin State Criminal Police Office and the Cyber Emergency Response Team of the Belgian Center for Cyber Security,” they added. The hackers encrypted BRAK’s mail server and exfiltrated 160 gigabytes of data. The organization is still trying to figure out how much information was taken involving communications from people contacting the Brussels office. The organization is operating under the assumption that such information was leaked. The organization runs a special email service for lawyers but said that mailbox is on a completely separate system. Officials said the ransomware gang threatened to leak what it stole and were told to contact the cybercriminals for more information. BRAK warned that people should be wary of any emails referencing or purporting to come from the organization — particularly any requests for bank account informationn. “The resumption of normal operations is being prepared,” they said. NoEscape, which is also stylized as N0_Esc4pe, made waves in June and July after forcing Hawaiʻi Community College to pay a ransom following an attack. Recorded Future ransomware expert Allan Liska said previously that NoEscape was first seen in May, when it advertised its services on the cybercriminal forum RAMP. The Record is an independent editorial unit of Recorded Future. NoEscape’s ransomware is “not based on previous/stolen source code and it is written in C++,” he said. “Despite being relatively new, they have already hit at least half a dozen victims including a hospital in Belgium, a manufacturing company in the US and another manufacturing company in the Netherlands,” Liska added. * * * * * Tags * law * Germany * Ransomware JONATHAN GREIG Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic. Previous articleNext article Ransomware gang threatens Raleigh Housing Authority months after devastating attack FBI, Air Force warn of cyberattacks on space industry by ‘foreign intelligence operations’ * Proposed bill would require vulnerability disclosure policies for all federal contractorsAugust 24th, 2023 * MacOS version of info-stealing XLoader gets an upgradeAugust 22nd, 2023 * Cyberattack on Belgian social service centers forces them to closeAugust 22nd, 2023 * Ukrainian hackers claim to leak emails of Russian parliament deputy chiefAugust 22nd, 2023 * Ecuador’s national election agency says cyberattacks caused absentee voting issuesAugust 21st, 2023 * Somalia bans TikTok, Telegram over ‘horrific' contentAugust 21st, 2023 * Tesla blames data breach affecting 75,000 on ‘insider wrongdoing’August 21st, 2023 * Australia’s .au domain administrator denies data breach after ransomware postingAugust 20th, 2023 * Illinois hospital notifies patients, employees of data breach after Royal gang postingAugust 18th, 2023 H1 2023: RANSOMWARE'S PIVOT TO LINUX AND VULNERABLE DRIVERS H1 2023: Ransomware's Pivot to Linux and Vulnerable Drivers THREAT ACTORS LEVERAGE INTERNET SERVICES TO ENHANCE DATA THEFT AND WEAKEN SECURITY DEFENSES Threat Actors Leverage Internet Services to Enhance Data Theft and Weaken Security Defenses REDHOTEL: A PROLIFIC, CHINESE STATE-SPONSORED GROUP OPERATING AT A GLOBAL SCALE RedHotel: A Prolific, Chinese State-Sponsored Group Operating at a Global Scale BLUECHARLIE, PREVIOUSLY TRACKED AS TAG-53, CONTINUES TO DEPLOY NEW INFRASTRUCTURE IN 2023 BlueCharlie, Previously Tracked as TAG-53, Continues to Deploy New Infrastructure in 2023 BLUEBRAVO ADAPTS TO TARGET DIPLOMATIC ENTITIES WITH GRAPHICALPROTON MALWARE BlueBravo Adapts to Target Diplomatic Entities with GraphicalProton Malware * * * * * Privacy Policy © Copyright 2023 | The Record from Recorded Future News