A profoundly troubling article by Bloomberg details expanding efforts by hackers to attack the computer networks of law firms to cull confidential data on sensitive deals and transactions. According to the January 31, 2012 article entitled “China-Based Hackers Target Law Firms to Get Secret Deal Data,” the attacks have been sufficiently serious that the FBI’s cyber division convened a meeting with the top 200 law firms in New York City last November to address the rising number of law firm intrusions.
One attack in particular involved China-based hackers looking to derail a $40 billion acquisition of the world’s largest potash producer by an Australian mining conglomerate. The hackers “zeroed in on offices on Toronto’s Bay Street, home of the Canadian law firms handling the deal.” According to the article:
“Over a few months beginning in September 2010, the hackers rifled one secure computer network after the next, eventually hitting seven different law firms as well as Canada’s Finance Ministry and the Treasury Board, according to Daniel Tobok, president of Toronto-based Digital Wyzdom. His cyber security company was hired by the law firms to assist in the probe. The investigation linked the intrusions to a Chinese effort to scuttle the takeover of Potash Corp. of Saskatchewan Inc. by BHP Billiton Ltd. as part of the global competition for natural resources, Tobok said. Such stolen data can be worth tens of millions of dollars and give the party who possesses it an unfair advantage in deal negotiations, he said.”
Why law firms? The article quotes Mary Galligan, the head of the FBI’s cyber division in New York, as observing that “as financial institutions in New York City and the world become stronger, a hacker can hit a law firm and it’s a much, much easier quarry.” Galligan’s unit held the meeting with the 200 law firms as a result. “We told them they need a diagram of their network; they need to know how computer logs are kept,” the article quotes Galligan as saying of the meeting. “Some were really well prepared; others didn’t know what we were talking about.”
Mandiant, a cybersecurity firm based out of Alexandria, Virginia, estimates that 80 law firms were hacked last year. “Spear phishing” attacks (i.e., attacks targeted at particular individuals) and gaps when transitioning information to cloud storage sites are the preferred means of attack right now. At the November meeting, the FBI also recommended that the law firms review their mobility policies, including the security of e-mail linkups and mobile phones.
The takeaway? As trade secret lawyers, we frequently advise our clients on the importance of managing sensitive information: limiting access, using encryption, having sound security policies that are implemented, and creating a culture of security. To the extent that law firms are managing highly sensitive technical data or are involved in highly sensitive transactions, they need to apply their own advice to their employees and IT networks.