ESET: Cybercriminals sell access to law firms in the Deep Web

ESET, a leading proactive threat detection company, analyses the case of attacks directed at law firms that are affecting several countries in order to sell or expose their confidential information and that of your clients.

This year, Tony Anscombe, ESET’s Global Security Evangelist, made a tour of the deep web and ensures that “today it can be very easy to access tools or sensitive information in the ‘ dark web ‘.” In 2017 Stephen Cobb, Senior Security Researcher of ESET, published an article where he mentioned that “most of the elements that are needed to commit a cybercrime can be bought or sold online if you know where to look, because in the Deep Web the cybercriminals find the perfect space to monetize the result of his work.”

In this sense, this week the CNBC News Portal reported that according to the firm specializing in monitoring the Deep Web, Q6 Cyber, the cybercriminals are offering in forums access to networks and archives of law firms in new York, Hollywood and Beverly Hills, as well and other parts of the United States. They ensure that the price for access to a network is USD 3,500, and the cybercriminals are willing to show screenshots to show that they managed to penetrate their systems.

Important studies of lawyers that usually work in operations that involve a lot of money or work with companies that are listed on the market, surely have a lot of exclusive and sensitive information so if someone has access to that Information can make changes and end up getting a lot of money.

In recent times, law firms have become an easy target for cybercriminals. Almost 400 incidents of cybersecurity were managed in Spain. In 2017, the Spanish law firm Araoz & Rueda announced by email to its contacts that the firm had suffered a cyberattack that could compromise information of its customers and suppliers and put them on alert to what could happen from that Time. They also warned: “We ask that if in the coming days you receive a suspicious message in relation to our firm, either by content or by its sender, ignore any hyperlink inserted in it and put it in our knowledge with the greatest Brevity. ”

The attacks are also used to bring to light confidential information from clients, as happened with the Panama papers or with football Leaks, filtering numerous documentation. World-class cyber such as Wannacry and Petya also had legal signatures among their victims. In fact, the list of victims of Petya included one of the largest law firms in the world, DLA Piper, who spent almost a week paralyzed, without access to their systems, emails or telephones.

In Latin America There were recent cases that demonstrate this, as was the cyberattack that affected banks in Mexico, where criminals managed to violate a Web service that connects with the system of interbank electronic Payments (SPEI) and stole a number Close to 400 million Mexican pesos.

According to Tony Anscombe during his speech at Segurinfo 2018, “Access to malicious programs like the malware industry itself is closer to what many believe and is palpable, being accessible even to those who do not have great knowledge” . There are hundreds of pages in several languages that are dedicated only to cybercrime, where thousands of actors operating in this industry interact and exchange ideas. Also, many of the individuals who connect through these forums share a sense of community that motivates them to share tricks and tips to help others enter the cybercrime business.

“The type of industries affected by targeted attacks varies more and more. From ESET we argue that in the face of a malware industry that grows every day, security education remains a key topic for the future; especially thinking about the next generations. “, says Camilo Gutierrez, head of the Research Laboratory of ESET Latin America.