Interesting. A Ukrainian criminal has essentially announced his intention to attack 50 law firms worldwide in order to get insider information on securities:
The mastermind, a broker named "Oleras" living in Ukraine, has been attempting since January to hire hackers to break into the firms' computer systems so he can trade on insider information, according to a Feb. 3 alert from Flashpoint, a New York threat intelligence firm.
Kirkland & Ellis, Sidley Austin, McDermott Will & Emery and Jenner & Block all were listed on a spreadsheet of potential marks. It named 46 of the country's largest law firms, plus two members of the UK's Magic Circle.
In this latest scheme, Oleras posted on a cyber criminal forum a plan to infiltrate the law firms' networks, then use keywords to locate drafts of merger agreements, letters of intent, confidentiality agreements and share purchase agreements. The list of targeted law firms also included names, email address and social media accounts for specific employees at the firms.
Now, having worked in both law and IT, I am a bit worried about this. Attorneys, bless their hearts, are not the most technically-savvy group of people, usually. I hope the targeted law firms have really good IT staffs—but that won't matter if the attorneys themselves get targeted in spear-phishing attacks.
Maybe we just need to make them liable for information disclosure. That will get their attention.