Diamond IT Blog

Law Firm Targeted By Hackers: The HWL Ebsworth Attack

Written by Samantha Cordell | June 16, 2023

Is your business protected from cyber crime? The recent alleged hack against a major Australian law firm confirms a cliche we know to be true. 'If it can happen to them, it can happen to anyone!' Take this article as your warning, whether you're a small business or large, to get your cyber security in order.

What happened to HWL Ebsworth?

According to ABC News, HWL Ebsworth received correspondence from an AlphV ransomware gang last month claiming it had published 1.45 terabytes of the law firm's data on the dark web.

Allegedly, the data had been stolen from HWL Ebsworth in late April.

The Russian-linked gang, known as BlackCat, left the firm one short (but certainly not sweet) message: "ENJOY!!!"

The firm refused to pay the demanded ransom - rumoured to be $5 million - and has now  taken out a court injunction to stop anyone dealing with the leaked data.

What data was leaked and how?

The hack is alleged - so it's unclear what data was leaked or published. The gang indicated that sensitive internal company data including financial and insurance data, credit card information, agreements and reports were in its possession. 

As one of Australia's biggest law firms, HWL Ebsworth deals with highly sensitive data. 

Some of its clients have previously included ANZ, the South Australian, Queensland and ACT governments, the Environment and Human Services Department and the Australian Taxation Office (ATO).

It is not publicly known how the data was leaked. 

Interestingly, it appears Twitter actually alerted the world to the incident! AlphV's claim was first picked up by threat analyst @CyberKnow20. 

 

Cyber security threats to the legal industry

Law firms are at an elevated risk from cyber attacks due to the nature of the sensitive and valuable information they handle.

Law firms are also often perceived as having relatively weaker cyber security defences compared to other industries.

As reported by Lawyers Weekly in mid-April, new research has found that the majority of legal professionals lack confidence in their firm’s ability to detect and respond to security breaches. The 2023 State of Cyber Maturity for Australian Law Firms report found that:

  • 51% of firms surveyed believed they are not prepared, nor confident in their threat detection and response capabilities.

In addition, there has been a dramatic increase in the number of ransomware attacks on Australian businesses across all industries.  

According to the latest Annual Cyber Threat Report 2021-2022, the Australian Cyber Security Centre recorded 76,000 cybercrime reports, representing a 13% increase from the previous financial year.
 

Why are so many cyber crimes happening?

There are a number of reasons why more cyber crimes than ever before are happening, not just in Australia but across the globe. These include:

  • Financial incentives: Cybercrime has become a lucrative business. Criminals are motivated by financial gain and have discovered various ways to monetize their activities. They engage in activities such as stealing sensitive data for ransom, conducting financial fraud, selling stolen information on the dark web, or engaging in cryptocurrency-related crimes.
  • Growing digital connectivity: The growing number of connected devices through, for example, cloud computing means there is a larger attack surface for cyber criminals to exploit.
  • Ease of execution: Cybercrime tools and resources are increasingly accessible, even to less technically skilled individuals. Cybercrime-as-a-Service (CaaS) offerings, such as exploit kits, ransomware-as-a-service, and botnets-for-hire can be easily obtained on underground forums. This lowers the entry barriers for potential attackers and contributes to the rise in cybercrime incidents.
  • Inadequate cyber security measures: Despite the growing awareness of cyber threats, some individuals and organisations fail to implement adequate cybersecurity measures. Weak passwords, lack of regular software updates, poor network security configurations, and insufficient employee training create vulnerabilities that can be exploited by cyber criminals.
  • Evolving tactics: Cyber criminals are adopting new techniques making them harder to spot. As they evolve and become more specialised using sophisticated tactics, it is becoming more and more challenging for defenders to keep up.

How Diamond IT can support you 
 

Diamond IT will work with you to ensure your cyber security posture is robust and that your staff are aware of the types of ever-evolving cyber threats.

Our online Cyber Security Staff Awareness Training and Cyber Security Health Check can equip you with tools and a high level of cyber and data awareness and comprehension, having an immediate impact on the strength of your security. 

Our Business Technology Consultants are specialists in improving your internal cyber security. We offer a range of security solutions to ensure your employees and business remains secure, with many included in our Managed IT Services offering including:

If you need advice on how you can ensure your cyber security strategy is fit for purpose, our team of cyber security experts are ready to help. Contact our team on 1300 307 907 today.
View full post