The hits just keep on coming. Global law firm Seyfarth Shaw announced that it has been the victim of a cyberattack presumed to be ransomware on October 10th. As I write this post on October 13, the following language appears on the firm’s website: https://www.seyfarth.com/malware-attack-information.html
“On Saturday, October 10, 2020, Seyfarth was the victim of a sophisticated and aggressive malware attack that appears to be ransomware. We understand that a number of other entities were simultaneously hit with this same attack. Our monitoring systems detected the unauthorized activity, and our IT team acted quickly to prevent its spread and protect our systems. We have found no evidence that any of our client or firm data were accessed or removed. However, many of our systems were encrypted, and we have shut them down as a precautionary measure.
Our clients remain our top priority, and we will continue to do everything necessary to protect their confidential information and continue to serve them. We are coordinating with the FBI and are working around the clock to bring our systems back online as quickly and safely as possible.
While our phone system has not been affected, you can get a message to us via this Contact Form if you are having difficulty reaching us. We will also provide updates on our website and share information as it becomes available.”
The National Law Journal posted the following additional information:
“DLA Piper was hit by a ransomware attack in 2017, and New York-based Grubman Shire Meiselas & Sacks was targeted in May.
Greenberg Traurig; Sullivan & Cromwell; Wachtell, Lipton, Rosen & Katz; and Cravath, Swaine & Moore were cyberattack targets more than a decade ago, according to FBI files declassified earlier this year.”
It is common these days for the ransomware victim’s data to be exfiltrated, so I never regard that data as “safe” absent a clear statement following a digital forensics investigation. Typically, the criminals play out the ransom demand for the decryption key first and only later follow up with another ransom demand in exchange for their promise to destroy the data in their possession (which they prove by providing some of it). And criminals never lie, right?
Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email: firstname.lastname@example.org Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology